|CVSS SCORE||7.5, (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)|
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the handling of the RPL protocol. The issue results from the lack of proper handling of user-supplied data, which can result in an assertion failure. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
01/26/22 – ZDI reported the vulnerability to the vendor.
-- Mitigation: Given the nature of the vulnerability, the only salient mitigation strategy is to restrict interaction with the application.