
Yossi Gilad

#19559 of 53,632
13.4 Total CVSS
Vulnerabilities · 2
Medium: 1
High: 1
PT-2022-3221
4.9
2022-05-18
Linux · Linux Kernel · CVE-2022-32296
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 5.17.9

**Description**
The issue is related to insufficient entropy in the Linux kernel, allowing a remote attacker to identify clients by determining the original source ports used by the TCP server. This is due to the use of Algorithm 4, also known as the Double-Hash Port Selection Algorithm, as defined in RFC 6056.

**Recommendations**
For Linux kernel versions prior to 5.17.9, update to version 5.17.9 or later to resolve the issue.
PT-2022-2509
8.5
2022-05-02
Linux · Linux Kernel · CVE-2022-1012
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)

**Description**
The issue is related to a memory leak in the TCP source port generation algorithm, which may allow an attacker to leak information and potentially cause a denial of service. This is due to the small table perturb size in the net/ipv4/tcp.c component. Exploitation of this issue may enable a remote attacker to predict the port number of an outgoing TCP connection.

**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.