A security issue has been found in the Linux kernelβs implementation of
challenge ACKs as specified in RFC 5961. An attacker which knows a
connectionβs client IP, server IP and server port can abuse the
challenge ACK mechanism to determine the accuracy of a normally βblindβ
attack on the client or server.
Successful exploitation of this flaw could allow a remote attacker to
inject or control a TCP stream contents in a connection between a Linux
device and its connected client/server.