Flooding icmp6 messages of type 130 or 131 is enough to exploit a memory leak in the kernel and cause the host to go out-of-memory. The volume of traffic doesn’t need to be particularly high. Note that since the vulnerability was introduced recently (5.13) only 5.15’s stable was affected.
This vulnerability was found/fixed by Eric Dumazet.
CVE will land on MITRE’s website sometime this week.
↳ CVE-2022-0742: Remote Denial of Service on Linux Kernel >=5.13
Nickname: