net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
References
Configurations
History
17 Nov 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Nov 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Nov 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2016-08-06 20:59
Updated : 2023-12-10 11:46
NVD link : CVE-2016-5696
Mitre link : CVE-2016-5696
CVE.ORG link : CVE-2016-5696
JSON object : View
Products Affected
linux
- linux_kernel
oracle
- vm_server
- android
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor