CVE-2016-5696

2016-08-06T20:59:00
ID CVE-2016-5696
Type cve
Reporter cve@mitre.org
Modified 2018-01-05T02:31:00

Description

net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.