vulnerability tcp RFC 5961 of linux kernel since v3.2 [released]

Question

15

vulnerability tcp RFC 5961 of linux kernel since v3.2 [released]

Tracked by Jolla (In release)

asked 2016-08-19 12:10:10 +0300

cemoi71

14264 ●310 ●434 ●439

updated 2018-05-04 11:48:33 +0300

Hello all

I Don't know if a lots of people already aware about it. Seems not to be after tjc research

shortly on the usenix security conference was reported from a vulnerability on the TCP Protocol RFC 5961.
As i understand This Version is already implemented into the Linux Kernel since V3.6 but not in windows and ios.

this leak give the possibility to someone making an attack of type man in the middle.

Here is a link with more precision:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5696

Seems that already a lot's a people tracked the leak and have a patch for it...

Now comes the question:
Jolla is able to update the kernel? if the patch is ready, that would be nice to have it. One possible workaround has appeared. But may be a workaround a good and certified alternative?

Edit 04.05.2018: Fix is still not done for JP1
When may we expect to have it in our precious one? Does jolla may give a short word about it from their plan?

Have a nice sail

edit retag flag offensive reopen delete

The question has been closed for the following reason "released in a software update" by lpr
close date 2019-02-05 01:26:10.982911

Comments

1

Workaround:

create (as root) the file /etc/sysctl.d/rfc5961.conf:

net.ipv4.tcp_challenge_ack_limit = 999999999

and reboot. If you do not want to reboot:

sysctl net.ipv4.tcp_challenge_ack_limit=999999999

cy8aer ( 2016-08-19 13:20:39 +0300 )edit

@cy8aer seems to be completely different as what what we can see by all patches referenced on the above link.
i'm definitively not skilled on the business, so that it makes me more cautious about it.
Sorry
i prefer wait for explanation and confirmation.
And official reaction/bugfix etc.. would help for sure.
Not that i want to ignore your solution and help. I'm just really cautious with this.
Maybe you could convert your remark as answer. That would help by this process of confirmation, explanation (6 validation). Anyway, many thanks for your fast answer.

cemoi71 ( 2016-08-19 15:11:29 +0300 )edit

@cemoi71: This was my source http://www.heise.de/forum/heise-Security/News-Kommentare/HTTP-Verbindungen-von-einer-Milliarde-Android-Geraeten-angreifbar/Workaround/posting-29072121/show/ - but german

cy8aer ( 2016-08-20 23:11:53 +0300 )edit

@cy8aer i can read it, no problem. and like the author notified, that is a workaround, and not the final and well done solution....
Hope that jolla will close the leak when the solution will be provided...

cemoi71 ( 2016-09-01 16:36:51 +0300 )edit

@cemoi71 it is not yet released in kernel-adaptation-sbj-3.4.108.20171017.1 (jolla1 2.1.3.7) and I doubt it is in 2.1.4.15.

lpr ( 2018-05-03 17:44:27 +0300 )edit

Workaround:
create (as root) the file /etc/sysctl.d/rfc5961.conf:
net.ipv4.tcp_challenge_ack_limit = 999999999
and reboot. If you do not want to reboot:
sysctl net.ipv4.tcp_challenge_ack_limit=999999999
cy8aer ( 2016-08-19 13:20:39 +0300 )edit
@cy8aer seems to be completely different as what what we can see by all patches referenced on the above link.
i'm definitively not skilled on the business, so that it makes me more cautious about it.
Sorry
i prefer wait for explanation and confirmation.
And official reaction/bugfix etc.. would help for sure.
Not that i want to ignore your solution and help. I'm just really cautious with this.
Maybe you could convert your remark as answer. That would help by this process of confirmation, explanation (6 validation). Anyway, many thanks for your fast answer.
cemoi71 ( 2016-08-19 15:11:29 +0300 )edit
@cemoi71: This was my source http://www.heise.de/forum/heise-Security/News-Kommentare/HTTP-Verbindungen-von-einer-Milliarde-Android-Geraeten-angreifbar/Workaround/posting-29072121/show/ - but german
cy8aer ( 2016-08-20 23:11:53 +0300 )edit
@cy8aer i can read it, no problem. and like the author notified, that is a workaround, and not the final and well done solution....
Hope that jolla will close the leak when the solution will be provided...
cemoi71 ( 2016-09-01 16:36:51 +0300 )edit
@cemoi71 it is not yet released in kernel-adaptation-sbj-3.4.108.20171017.1 (jolla1 2.1.3.7) and I doubt it is in 2.1.4.15.
lpr ( 2018-05-03 17:44:27 +0300 )edit

Answer 1

2

answered 2016-08-19 15:39:42 +0300

hoschi

4140 ●53 ●78 ●78

http://www.ttyhoney.com/

updated 2016-08-19 15:56:28 +0300

I don't know how to express this better:
Regular unencrypted TCP-Traffic is generally vulernable to the attack as described here, for this reason, encrypted TCP-Traffic is used. So this is not a new security vulnerability, but implementing RFC5961 fully and correctly (as GNU/Linux sadly does) allows for doing an attack in less time.

So RFC5961 makes unencrypted TCP-Traffic needlessly more vulnerable. Don't panic.
// edit: it's even not by itself a man-in-the-middle-attack

edit flag offensive delete publish link

Comments

naturally tcp is not encrypted but as i understand it let a opened door to make code injection on strategic and sensitive places which should be not be reached. Which could allowed a man in the middle attack....
then it is indeed a serious vulnerability. relative complex for normal hacker or user. but for really much more skilled people an interesting one (and peanuts for government-like organisation)...

cemoi71 ( 2016-08-19 16:02:21 +0300 )edit

Hey, I am Olivia Crew as an “Academic Writer” in Livewebtutors. The above post has given reliable and genuine information about Assignment Help Australia. Looking forward to avail their eminent services. visit here:- assignment help, assignment help Australia, My Assignment Help, Online assignment help

livewebtutorss ( 2018-10-17 10:46:31 +0300 )edit

Sample Assignment provides an all-year long Australian assignment help. While providing the academic aid, we foresee ourselves to be known as the chosen one academic consultants like Nursing, IT, Law, Marketing, Economics, Accounting, Statistics, etc. are some of the subjects to name that we cater to the Australian students in. We were recently recognised as the most reliable and dependable assignment service, and also voted as the Numero Uno assignment provider for the past two years. The academic assignment maker have been using their past experience and knowledge in order to supply the students with HD grade assignments including dissertations, essays, thesis, reports, journals, reflections, case study analysis, etc. There are many companies in the industry which functioning at skyrocketed prices. Be it accounting assignment help, marketing or management assignment help, java assignment help, taxation assignment help; we proffer our expert guidance in all of the assignments.

dylaneales ( 2018-10-29 12:04:36 +0300 )edit

اگر قیمت عینک واقعیت مجازی مهمترین فاکتور شما برای خرید عینک واقعیت مجازی است و دنبال بهترین عینک واقعیت مجازی نیستید شاید بهترین قیمت عینک واقعیت مجازی را در گزینه خرید هدست واقعیت مجازی vr box 2 پیدا کنید، بازی های vr box و فیلم vr box مانند دیگر عینک های واقعیت مجازی به فراوانی روی اینترنت و به صورت رایگان در دسترس کاربران واقعیت مجازی هستند اگر از آن دسته کاربرانی هستید که سوال شما این است که عینک واقعیت مجازی چیست توصیه می‌کنیم در این زمینه مطالعاتی داشته باشید و خود را با دنیای واقعیت مجازی آشنا سازید. کمپانی های مختلفی در این چند سال در زمینه تکنولوژی واقعیت مجازی فعالیت کردند، یکی از موفق ترین برندها سامسونگ است. خرید عینک واقعیت مجازی سامسونگ برای آن دسته از کاربرانی که گوشی های پرچمدار سامسونگ را دارند بهترین گزینه است. قیمت عینک واقعیت مجازی سامسونگ به نسبت دیگر های متفرقه بالاتر است ولی از کیفیت متفاوتی برخوردار است، هرچند که سامسونگ هر سال عینک های واقعیت مجازی خود را به روز رسانی می کند و این نکته نیز قابل توجه است که قیمت samsung gear vr 2016 از قیمت samsung gear vr 2017 پایین تر است. خرید عینک واقعیت مجازی سامسونگ ۲۰۱۷ برای کاربران گوشی های پرچمدار سری اس و سری نوت را دارند می تواند تجربه بسیار لذت بخشی باشد.هدست واقعیت مجازی سامسونگ samsung gear vr 2017 از کیفیت ساخت بالایی برخوردار بوده و تجربه کاربری بسیار با کیفیت و لذت بخشی را در زمینه واقعیت مجازی به کاربر می‌دهد. فروشگاه اینترنتی استایل آپ عرضه کننده تخصصی اکسسوری و لوازم جانبی بالاخص لوازم جانبی دیجیتال می باشد. عینک واقعیت مجازی یا عینک VR یا هدست Virtual Reality یکی از جدیدترین تکنولوژی ها در حوزه گجت های دیجیتال است. خرید عینک های واقعیت مجازی و ساخت عینک واقعیت مجازی یا عینک 360 درجه یکی از دغدغه های کاربران فعال و علاقه مند به تکنولوژی عینک واقعیت مجازی است.

Arad qorbani ( 2018-11-18 15:18:36 +0300 )edit

I do agree in its vulnerability and can be attacked any time. There have been patches that are available. Alec │ cincinnati-seo.org/

alec52417 ( 2019-07-01 11:46:17 +0300 )edit

Answer 2

2

answered 2017-06-01 01:31:07 +0300

IZh
41 ●1 ●3

Applied https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758

edit flag offensive delete publish link

Comments

you should apply kernel 3.4 patch for jolla1 instead

lpr ( 2017-07-05 16:58:30 +0300 )edit

no patch at all has been applied to kernel-adaptation-sbj...

lpr ( 2018-05-03 18:08:56 +0300 )edit

I think this is helpful for student and easy to Do my Assignment

alexjohn ( 2018-05-05 09:28:31 +0300 )edit

Editing it will help solve the problem maybe but if you can transfer to windows and gain more knowledge about securing your system it will be better I think, and if you have free time try this brain games for adults

adamsnow ( 2019-01-15 06:09:42 +0300 )edit

Would it be possible if there is any error message along the way? | https://www.concretecontractorsgreenville.com

Chris889 ( 2019-02-25 18:08:31 +0300 )edit

vulnerability tcp RFC 5961 of linux kernel since v3.2 [released]

The question has been closed for the following reason "released in a software update" by lpr
close date 2019-02-05 01:26:10.982911

Comments

2 Answers

Comments

Comments

Question tools

Stats

Related questions

vulnerability tcp RFC 5961 of linux kernel since v3.2 [released]

The question has been closed for the following reason "released in a software update" by lpr close date 2019-02-05 01:26:10.982911

Comments

2 Answers

Comments

Comments

Question tools

Public thread

Stats

Related questions

The question has been closed for the following reason "released in a software update" by lpr
close date 2019-02-05 01:26:10.982911