A certain backport in the TCP Fast Open implementation for the Linux kernel prior to 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash) via the Fast Open feature, as demonstrated by visiting the chrome://flags/#enable-tcp-fast-open URL when using certain 3.10.x up to and including 3.16.x kernel builds, including longterm-maintenance releases and ckt (aka Canonical Kernel Team) builds.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
debian debian linux |
||
linux linux kernel |