summaryrefslogtreecommitdiffstats
path: root/retired/CVE-2016-5696
blob: d091f00cb844a39936159273f19385ead265997c (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
Description: challenge ACK counter information disclosure
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=1354708
 https://www.mail-archive.com/netdev@vger.kernel.org/msg118824.html
Notes:
 RFC 5961 3.2 has been implemented in v3.6-rc1 with commit
 282f23c6ee343126156dd41218b22ece96d747e3 . But it seems to have
 been backported to older versions as well (including 3.2.x)
 .
 Additionally (but not strictly needed for the CVE, AFAICT), the commit
 083ae308280d13d187512b9babe3454342a7987e might be added as well.
Bugs:
upstream: released (4.7) [75ff39ccc1bd5d3c455b6822ab09e533c551f758]
3.16-upstream-stable: released (3.16.37) [tcp-make-challenge-acks-less-predictable.patch]
3.2-upstream-stable: released (3.2.82) [tcp-make-challenge-acks-less-predictable.patch]
sid: released (4.7.2-1)
3.16-jessie-security: released (3.16.36-1+deb8u1) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch]
3.2-wheezy-security: released (3.2.81-2) [bugfix/all/tcp-make-challenge-acks-less-predictable.patch]

© 2014-2024 Faster IT GmbH | imprint | privacy policy