摘要:
A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.
安全等级: Low
公告ID: KylinSec-SA-2023-1236
发布日期: 2023年3月28日
关联CVE: CVE-2023-1390
A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2023-1390 | KY3.4-4A | kernel | Unaffected |
| CVE-2023-1390 | KY3.4-5A | kernel | Unaffected |
| CVE-2023-1390 | KY3.5.1 | kernel | Unaffected |
