Attackers can hijack unencrypted web traffic of 80% of Android users (Help Net Security)

2016-08-16 16:47

The recently revealed security bug (CVE-2016-5696) in the TCP implementation in the Linux kernel that could allow attackers to hijack unencrypted web traffic without an MitM position also affects some 1.4 billion Android devices, Lookout researchers have warned. “We can estimate then that all Android versions running the Linux Kernel 3.6 (approximately Android 4.4 KitKat) to the latest are vulnerable to this attack or 79.9% of the Android ecosystem,” they noted. This fact should not … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/aqW7jwG1nL0/

#android #security #WEB #CVE-2016-5696

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2016-08-06	CVE-2016-5696	Information Exposure vulnerability in multiple products net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack. network google oracle linux CWE-200	5.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Android		4	0	17	2	0	19

News URL

Related news

Related Vulnerability

Related vendor