Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 618814 (CVE-2017-5972) - sys-kernel/gentoo-sources: Unspecified vulnerability (CVE-2017-5972)
Summary: sys-kernel/gentoo-sources: Unspecified vulnerability (CVE-2017-5972)
Status: RESOLVED OBSOLETE
Alias: CVE-2017-5972
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Kernel Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-05-18 06:07 UTC by GLSAMaker/CVETool Bot
Modified: 2018-03-11 00:54 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2017-05-18 06:07:19 UTC 
CVE-2017-5972 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-5972):
  The TCP stack in the Linux kernel 3.x does not properly implement a SYN
  cookie protection mechanism for the case of a fast network connection, which
  allows remote attackers to cause a denial of service (CPU consumption) by
  sending many TCP SYN packets, as demonstrated by an attack against the
  kernel-3.10.0 package in CentOS Linux 7. NOTE: third parties have been
  unable to discern any relationship between the GitHub Engineering finding
  and the Trigemini.c attack code.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2018-03-11 00:54:30 UTC 
gentoo-sources-3.x no longer in portage tree. Marking as OBSOLETE