Description: challenge ACK counter information disclosure References: https://bugzilla.redhat.com/show_bug.cgi?id=1354708 https://www.mail-archive.com/netdev@vger.kernel.org/msg118824.html Notes: RFC 5961 3.2 has been implemented in v3.6-rc1 with commit 282f23c6ee343126156dd41218b22ece96d747e3 . But it seems to have been backported to older versions as well (including 3.2.x) . Additionally (but not strictly needed for the CVE, AFAICT), the commit 083ae308280d13d187512b9babe3454342a7987e might be added as well. Bugs: upstream: released (4.7) [75ff39ccc1bd5d3c455b6822ab09e533c551f758] 3.16-upstream-stable: released (3.16.37) [tcp-make-challenge-acks-less-predictable.patch] 3.2-upstream-stable: released (3.2.82) [tcp-make-challenge-acks-less-predictable.patch] sid: released (4.7.2-1) 3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch] 3.2-wheezy-security: released (3.2.81-2) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch]