CVE-2016-5696: kernel: challenge ACK counter disclosure

CVE ID

CVE-2016-5696

DESCRIPTION

It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel's networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the changes by probing packets. An off-path attacker could use this flaw to either terminate TCP connection and/or inject payload into non-secured TCP connection between two endpoints on the network.
Unitrends risk assessment:  Low (Attack Complexity= High, Integrity Impact = Low, Availability Impact = Low)
The key impact of a successful complex attack would be wrongly terminated TCP connections.

RESOLUTION

For CentOS6, resolved in kernel-2.6.32-642.4.2.el6 in the latest security update
For CentOS5, not vulnerable

LINK TO ADVISORIES

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us