** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5696
** Changed in: linux-lts-trusty (Ubuntu)
Importance: Undecided => Medium
** Changed in: linux-lts-trusty (Ubuntu)
Status: New => Fix Committed
** Description changed:
Description
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly
determine the rate of challenge ACK segments, which makes it easier for
man-in-the-middle attackers to hijack TCP sessions via a blind in-window
attack.
Ubuntu-Description
Yue Cao et al discovered a flaw in the TCP implementation's handling
of challenge acks in the Linux kernel. A remote attacker could use
this to cause a denial of service (reset connection) or inject
content into an TCP stream.
References
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5696
https://www.mail-archive.com/[email protected]/msg118677.html
http://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758
https://lwn.net/Articles/696868/
+ https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5696.html
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1615835
Title:
CVE-2016-5696
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-lts-trusty/+bug/1615835/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
