Lucene search

K
ubuntucveUbuntu.comUB:CVE-2016-5696
HistoryAug 06, 2016 - 12:00 a.m.

CVE-2016-5696

2016-08-0600:00:00
ubuntu.com
ubuntu.com
21

0.004 Low

EPSS

Percentile

74.9%

net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly
determine the rate of challenge ACK segments, which makes it easier for
remote attackers to hijack TCP sessions via a blind in-window attack.

Bugs

Notes

Author Note
jdstrand android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support
sbeattie fix is going to land in Ubuntu kernels in this SRU cycle, with a likely release date of Aug 27. Earlier access to the kernels with the fix will be available from the -proposed pocket, though they come with the risk of being less tested.