| Severity | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE ID | CVE-2018-6922 |
| CVSSv3 |
7.6 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:W/RC:C] |
| CWE ID |
CWE-400 |
| Exploitation vector | Network |
| Public exploit | Not available |
| Vulnerable software |
IBM AIX |
| Vulnerable software versions |
IBM AIX 7.2 IBM AIX 7.1 IBM AIX 6.1 IBM AIX 5.3 |
| Vendor URL | IBM Corporation |
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to the system uses an inefficient TCP reassembly algorithm. A remote attacker can send specially crafted packets within ongoing TCP sessions to consume excessive CPU resources and cause the service to crash.
RemediationInstall update from vendor's website.
External linkshttp://aix.software.ibm.com/aix/efixes/security/freebsd_advisory.asc