VDB
DEBIAN-CVE-2023-1206
DEBIAN-CVE-2023-1206
PUBLISHED
CVSS 5.699999809265137 MEDIUM
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95%.
Risk Scores
CVSS 3.1
5.699999809265137
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | linux | 5.10.149-1, 5.10.106-1, 5.10.113-1 |
| Debian:12 | linux | *, 6.1.38-2, 0 |
| Debian:14 | linux | 0, 0, 0 |
| Debian:13 | linux | 0, 0, 0 |
Exploit Intelligence
- 3 linux kernel bugs chains to do secure comm app using side channel to establish key and establish covert channe; (github-poc-repo)
- 3 linux kernel bugs chains to do secure comm app using side channel to establish key and establish covert channe; (github-poc)
- triple_cve_channel_v2.c (github-poc)
- triple_cve_channel.c (github-poc)
- covert_channel.c (github-poc)
- covert_channel_encrypted.c (github-poc)
- exploit_debug.c (github-poc)
Timeline
- Jun 30, 2023 CVE Published
- Apr 28, 2026 CVE Updated