CVE-2008-4609

Published: 20 October 2008

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.

Priority

Negligible

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream Needed

linux-source-2.6.15
Launchpad, Ubuntu, Debian
Upstream Needs triage

linux-source-2.6.22
Launchpad, Ubuntu, Debian
Upstream Needs triage

Notes

AuthorNote
kees
negligible priority because there is no actual information yet.

References