Vigil@nce: Linux kernel, denial of service via SYN+FIN
June 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can send TCP packets with the SYN and FIN flags, in
order to create a denial of service.
– Severity: 2/4
– Creation date: 30/05/2012
IMPACTED PRODUCTS
– Linux kernel
DESCRIPTION OF THE VULNERABILITY
The TCP protocol uses flags:
– SYN : start of session
– FIN : end of session
– etc.
A TCP packet with both flags SYN and FIN set is invalid. However,
the Linux kernel does not reject it immediately. Its processing
thus uselessly consumes resources.
An attacker can therefore send numerous TCP packets with the SYN
and FIN flags, in order to create a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-SYN-FIN-11661