linux-qoriq: fix CVE-2016-5696 - linux/meta-freescale.git - Mirror of github.com/Freescale/meta-freescale

diff options

author	Adrian Dudau <adrian.dudau@enea.com>	2016-10-31 15:53:01 +0100
committer	Otavio Salvador <otavio@ossystems.com.br>	2016-10-31 17:45:19 -0200
commit	7717fe4a8ffd57c85e6c43e8de1fab8993b2bf08 (patch)
tree	2027004a40cce7f6d2f4b1640d0d7b3d6cfc9e45 /recipes-multimedia
parent	fc7d08fcf4143b7af7df7ff88654d8acfaf79f42 (diff)
download	meta-freescale-7717fe4a8ffd57c85e6c43e8de1fab8993b2bf08.tar.gz

linux-qoriq: fix CVE-2016-5696

net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5696 https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=5413f1a526d2d51d7a5768133c90936c017165c6 https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=72c2d3bccaba4a0a4de354f9d2d24eccd05bfccf (This a follow-up to "tcp: make challenge acks less predictable) Signed-off-by: Adrian Dudau <adrian.dudau@enea.com> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>

Diffstat (limited to 'recipes-multimedia')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: