SB2024052952 - TCP spoofing in Linux kernel
Published: May 29, 2024 Updated: May 14, 2025
Security Bulletin ID
SB2024052952
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Data manipulation
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Spoofing attack (CVE-ID: CVE-2023-52881)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in system accepting ACK responses for bytes that were never sent. A remote attacker can perform spoofing attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/69eae75ca5255e876628ac5cee9eaab31f644b57
- https://git.kernel.org/stable/c/458f07ffeccd17f99942311e09ef574ddf4a414a
- https://git.kernel.org/stable/c/7ffff0cc929fdfc62a74b384c4903d6496c910f0
- https://git.kernel.org/stable/c/b17a886ed29f3b70b78ccf632dad03e0c69e3c1a
- https://git.kernel.org/stable/c/0d4e0afdd6658cd21dd5be61880411a2553fd1fc
- https://git.kernel.org/stable/c/008b807fe487e0b15a3a6c39add4eb477f73e440
- https://git.kernel.org/stable/c/2087d53a66e97a5eb5d1bf558d5bef9e5f891757
- https://git.kernel.org/stable/c/3d501dd326fb1c73f1b8206d4c6e1d7b15c07e27
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.333
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.302
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.204
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.143
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.264
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.68
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.7
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7