A security issue has been found in the Linux kernelβs implementation of
challenge ACKs as specified in RFC 5961. An attacker which knows a
connectionβs client IP, server IP and server port can abuse the
challenge ACK mechanism to determine the accuracy of a normally βblindβ
attack on the client or server.
Successful exploitation of this flaw could allow a remote attacker to
inject or control a TCP stream contents in a connection between a Linux
device and its connected client/server.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
any | any | any | linux-grsec | <Β 4.7.201608131240-1 | UNKNOWN |