Back to search
CVE-2016-5696
Published: Aug 6, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/Gnoxter/mountain_goat
x_refsource_MISC
USN-3070-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2016:1657
vendor-advisory
x_refsource_REDHAT
https://bto.bluecoat.com/security-advisory/sa131
x_refsource_CONFIRM
RHSA-2016:1814
vendor-advisory
x_refsource_REDHAT
https://kc.mcafee.com/corporate/index?page=content&id=SB10167
x_refsource_CONFIRM
http://source.android.com/security/bulletin/2016-10-01.html
x_refsource_CONFIRM
91704
vdb-entry
x_refsource_BID
USN-3070-3
vendor-advisory
x_refsource_UBUNTU
USN-3070-2
vendor-advisory
x_refsource_UBUNTU
RHSA-2016:1815
vendor-advisory
x_refsource_REDHAT
RHSA-2016:1939
vendor-advisory
x_refsource_REDHAT
USN-3071-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2016:1632
vendor-advisory
x_refsource_REDHAT
USN-3070-4
vendor-advisory
x_refsource_UBUNTU
1036625
vdb-entry
x_refsource_SECTRACK
RHSA-2016:1631
vendor-advisory
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=1354708
x_refsource_CONFIRM
USN-3072-2
vendor-advisory
x_refsource_UBUNTU
RHSA-2016:1633
vendor-advisory
x_refsource_REDHAT
RHSA-2016:1664
vendor-advisory
x_refsource_REDHAT
USN-3072-1
vendor-advisory
x_refsource_UBUNTU
[oss-security] 20160712 Re: CVE-2016-5389: linux kernel - challange ack information leak.
mailing-list
x_refsource_MLIST
USN-3071-2
vendor-advisory
x_refsource_UBUNTU
https://security.paloaltonetworks.com/CVE-2016-5696
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now