The socket implementation in net/core/sock.c in the Linux kernel prior to 2.6.34 does not properly manage a backlog of received packets, which allows remote malicious users to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
vmware esx 4.1 |
||
vmware esx 4.0 |
||
redhat enterprise linux 4.0 |