TCP Stack Truncation Vulnerability in Linux Kernel

TCP Stack Truncation Vulnerability in Linux Kernel

CVE-2016-8645 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.