3 matches found
kernel: off-path attacker may inject data or terminate victim's TCP session
A TCP/IP packet spoofing attack flaw was found in the Linux kernel’s TCP/IP protocol, where a Man-in-the-Middle Attack MITM performs an IP fragmentation attack and an IPID collision. This flaw allows a remote user to pretend to be the sender of the TCP/IP packet for an existing TCP/IP session...
Kernel: net: weak IP ID generation leads to remote device tracking
A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a nethashmix function. A remote user could observe a weak IP ID generation in this field to track Linux devices...
DEBIAN-CVE-2019-10638
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP. When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions of indices to the counter...