Denial of Service Vulnerability in Linux Kernel's hash_accept Function

Denial of Service Vulnerability in Linux Kernel's hash_accept Function

CVE-2016-8646 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.