CVE-2023-1206
CVSS 3.1 Score 5.7 of 10 (medium)
Details
Summary
CVE-2023-1206 is a newly discovered vulnerability affecting the Linux kernel's IPv6 functionality. This flaw, which involves a hash collision in the connection lookup table, can be exploited through a specific SYN flood attack. A malicious user, located in the local network or possessing a high-bandwidth connection, can trigger the issue, leading to an excessive increase in CPU usage on the targeted server, reaching up to 95%. The vulnerability poses a significant risk for servers that accept IPv6 connections and requires immediate attention from system administrators.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.