Public Date:
465932: CVE-2008-4609 kernel: TCP protocol vulnerabilities from Outpost24

The MITRE CVE dictionary describes this issue as:

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.

Find out more about CVE-2008-4609 from the MITRE CVE dictionary dictionary and NIST NVD.


The attacks reported by Outpost24 AB target the design limitations of the TCP protocol. Due to upstreams decision not to release updates, Red Hat do not plan to release updates to resolve these issues however, the effects of these attacks can be reduced via the mitigation methods as written in