Oval Definition:oval:com.ubuntu.precise:def:20165696000
Revision Date:2016-08-06Version:1
Title:CVE-2016-5696 on Ubuntu 12.04 LTS (precise) - medium.
Description:net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack. Yue Cao et al discovered a flaw in the TCP implementation's handling of challenge acks in the Linux kernel. A remote attacker could use this to cause a denial of service (reset connection) or inject content into an TCP stream.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-5696
Platform(s):Ubuntu 12.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 12.04 LTS (precise) is installed.
  • AND Package Information
  • The 'linux' package in precise was vulnerable but has been fixed (note: '3.2.0-109.150').
  • OR The 'linux-armadaxp' package in precise was vulnerable but has been fixed (note: '3.2.0-1672.98').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life').
  • OR The 'linux-lts-trusty' package in precise was vulnerable but has been fixed (note: '3.13.0-95.142~precise1').
  • OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned').
  • OR The 'linux-ti-omap4' package in precise was vulnerable but has been fixed (note: '3.2.0-1487.114').
    • BACK