Skip to main content

IBM AIX `TCP large send offload´ Denial of Service Vulnerability

Last Update Date: 4 Jun 2012 Release Date: 7 Feb 2012 5799 Views

RISK: Medium Risk

TYPE: Operating Systems - Unix

TYPE: Unix

A vulnerability has been reported in AIX, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an error within the TCP stack when the "TCP large send offload" option is enabled and can be exploited to trigger a kernel panic via a specially crafted sequence of TCP packets.


Impact

  • Denial of Service

System / Technologies affected

  • IBM AIX versions 5.3, 6.1, and 7.1.

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply interim fixes or APARs

Vulnerability Identifier


Source


Related Link