[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2016:1633 -- centos 7 kernel,python-perf,perf

ID: oval:org.secpod.oval:def:203988Date: (C)2016-08-23   (M)2023-08-31
Class: PATCHFamily: unix




The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel"s networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the changes by probing packets. An off-path attacker could use this flaw to either terminate TCP connection and/or inject payload into non-secured TCP connection between two endpoints on the network. Red Hat would like to thank Yue Cao from Cyber Security Group in the CS department of University of California, Riverside, for reporting this issue.

Platform:
CentOS 7
Product:
kernel
python-perf
perf
Reference:
CESA-2016:1633
CVE-2016-5696
CVE    1
CVE-2016-5696
CPE    4
cpe:/o:linux:linux_kernel
cpe:/a:perf:perf
cpe:/a:python-perf:python-perf
cpe:/o:centos:centos:7
...

© SecPod Technologies