Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:39036
HistoryJan 28, 2023 - 12:46 a.m.

Spoofing Attack

2023-01-2800:46:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20
spoofing attack
vulnerable kernel
mitm attack
ip fragmentation
ipid collision
remote user

EPSS

0.001

Percentile

32.4%

kernel is vulnerable to Spoofing Attack. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim’s TCP session or terminate that session, where a Man-in-the-Middle Attack (MITM) performs an IP fragmentation attack and an IPID collision. This flaw allows a remote user to pretend to be the sender of the TCP/IP packet for an existing TCP/IP session.