CVE-2016-5696
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-lts-trusty (Ubuntu) |
Fix Committed
|
Medium
|
Unassigned |
Bug Description
Description
net/ipv4/
determine the rate of challenge ACK segments, which makes it easier for
man-in-the-middle attackers to hijack TCP sessions via a blind in-window
attack.
Ubuntu-Description
Yue Cao et al discovered a flaw in the TCP implementation's handling
of challenge acks in the Linux kernel. A remote attacker could use
this to cause a denial of service (reset connection) or inject
content into an TCP stream.
References
https:/
https://<email address hidden>
http://
https:/
https:/
CVE References
Changed in linux-lts-trusty (Ubuntu): | |
importance: | Undecided → Medium |
status: | New → Fix Committed |
description: | updated |