CVE-2017-5972

Name of the Vulnerable Software and Affected Versions Linux kernel versions 3.x

Description The TCP stack in the Linux kernel does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many TCP SYN packets. This issue can be exploited by sending specially crafted SYN packets, leading to CPU consumption.

Recommendations For Linux kernel version 3.x, consider implementing a workaround to limit the impact of SYN packet attacks, such as configuring the system to drop SYN packets after a certain threshold. At the moment, there is no information about a newer version that contains a fix for this vulnerability.