Security News > 2016 > August > Attackers can hijack unencrypted web traffic of 80% of Android users (Help Net Security)

Attackers can hijack unencrypted web traffic of 80% of Android users (Help Net Security)
2016-08-16 16:47

The recently revealed security bug (CVE-2016-5696) in the TCP implementation in the Linux kernel that could allow attackers to hijack unencrypted web traffic without an MitM position also affects some 1.4 billion Android devices, Lookout researchers have warned. “We can estimate then that all Android versions running the Linux Kernel 3.6 (approximately Android 4.4 KitKat) to the latest are vulnerable to this attack or 79.9% of the Android ecosystem,” they noted. This fact should not … More →


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/aqW7jwG1nL0/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2016-08-06 CVE-2016-5696 Information Exposure vulnerability in multiple products
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
network
high complexity
google oracle linux CWE-200
4.8
4.8