Description
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly
determine the rate of challenge ACK segments, which makes it easier for
man-in-the-middle attackers to hijack TCP sessions via a blind in-window
attack.
Ubuntu-Description
Yue Cao et al. discovered a flaw in the TCP implementation's handling
of challenge ACKs in the Linux kernel. A remote attacker could use
this to cause a denial of service (reset connection) or inject
content into a TCP stream.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5696
https://<email address hidden>/msg118677.html
http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758
https://lwn.net/Articles/696868/