CVE-2016-2070

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.3.5

Description The issue allows remote attackers to cause a denial of service, resulting in a divide-by-zero error and system crash, via crafted TCP traffic. This is due to a problem in the tcp cwnd reduction function in net/ipv4/tcp input.c.

Recommendations For Linux kernel versions prior to 4.3.5, update to version 4.3.5 or later to resolve the issue. As a temporary workaround, consider restricting incoming TCP traffic to minimize the risk of exploitation.