The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service (memory consumption or system crash) via a flood of packets.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | 3.10.50 (including) | 3.10.70 (excluding) |
Linux_kernel | Linux | 3.12.26 (including) | 3.12.38 (excluding) |
Linux_kernel | Linux | 3.14.14 (including) | 3.14.34 (excluding) |
Linux_kernel | Linux | 3.15.7 (including) | 3.16.35 (excluding) |
Linux_kernel | Linux | 3.17 (including) | 3.18.8 (excluding) |