ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Major Linux TCP Stack Vulnerability Discovered

    News
    zdnet security linux android tcp networking vulnerability
    1
    2
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mlnews
      last edited by

      A new vulnerability in the Linux networking stack has come to light, one that is pretty widespread and to which users are highly vulnerable. The flaw was introduced in 2012 in the Linux 3.6 kernel and is now very common in nearly all Linux distributions, including Android. ZDNet looks at how the flaw works and what you can do about it and what is being done to patch it. The flaw stems from a new TCP security mechanism, ironically, and does not impact BSD, Mac OSX or most Windows systems as they had not yet implemented the new security mechanism.

      1 Reply Last reply Reply Quote 4
      • M
        mlnews
        last edited by

        On the Ubuntu Linux family, for instance, you can fix it with the following steps:

        • Open /etc/sysctl.conf, with an editor, such as vim.
        • Enter the line: net.ipv4.tcp_challenge_ack_limit = 999999999
        • Save the file.
        • Use the shell command "sysctl -p" to update the configuration.
        1 Reply Last reply Reply Quote 4
        • 1 / 1
        • First post
          Last post