Bug 2175903 (CVE-2023-1206) - CVE-2023-1206 kernel: hash collisions in the IPv6 connection lookup table [NEEDINFO]
Summary: CVE-2023-1206 kernel: hash collisions in the IPv6 connection lookup table
Keywords:
Status: NEW
Alias: CVE-2023-1206
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2176117 2176118 2176119 2176120 2217240
Blocks: 2174096
TreeView+ depends on / blocked
 
Reported: 2023-03-06 18:10 UTC by Alex
Modified: 2023-08-16 18:56 UTC (History)
51 users (show)

Fixed In Version: kernel 6.5-rc1
Doc Type: If docs needed, set a value
Doc Text:
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.
Clone Of:
Environment:
Last Closed:
Embargoed:
carnil: needinfo? (allarkin)

Attachments (Terms of Use)

Description Alex 2023-03-06 18:10:51 UTC 
A flaw in the Linux Kernel found in the Linux kernel’s networking stack which permits attackers to force hash collisions in the IPv6 connection lookup table. This results in a significant increase in the cost of
lookups, causing increased CPU utilization. This significant CPU usage increase in the Linux kernel subjected to a modified form of the classic IPv6 SYN-Flood. The actual impact of this issue may be a denial of service (due to heightened CPU usage) to hosts which can receive malicious IPv6 traffic.
Comment 8 Alex 2023-06-25 09:58:11 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2217240]
Comment 19 Salvatore Bonaccorso 2023-08-16 18:56:19 UTC 
Is https://git.kernel.org/linus/d11b0df7ddf1831f3e170972f43186dad520bfcc the fix for this issue? (which would be in 6.5-rc4)?
Note You need to log in before you can comment on or make changes to this bug.