Debian Releases Major Linux Kernel Security Update to Fix the Infamous TCP Flaw

It appears that the most important one is CVE-2016-5696, a serious bug in the Linux kernel’s TCP (Transmission Control Protocol) implementation, whose Challenge ACK feature could have allowed an attacker to inject messages into connections between specific IP addresses. The issue was addressed by increasing the rate limit for the TCP Challenge ACK feature to a number that can never be exceeded (e.g. sysctl net.ipv4.tcp_challenge_ack_limit=1000000000). This infamous TCP flaw affected 1.4 billion Android devices running an outdated Linux kernel.
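
To check whether a host carries the rate-limit setting described above, the following added example (not part of the original article or of Debian's update) reads the running value and the persistent sysctl configuration. The function names, the MIN_LIMIT threshold (taken from the article's example value) and the simplified file order are assumptions.

```shell
#!/bin/sh
# Added example: audit the Challenge ACK rate-limit setting for CVE-2016-5696.
# MIN_LIMIT is an assumption: the example value quoted in the article.
MIN_LIMIT=1000000000
KEY_RE='net[./]ipv4[./]tcp_challenge_ack_limit'

# Print the value set in sysctl-style files (last assignment wins), or
# nothing if the key is never set. Comment lines (# or ;) are skipped and
# both the dotted and the slash form of the key are accepted.
configured_limit() {
    cat "$@" 2>/dev/null | awk -v re="^-?${KEY_RE}\$" '
        /^[ \t]*[#;]/ { next }
        {
            n = index($0, "=")
            if (n == 0) next
            k = substr($0, 1, n - 1); v = substr($0, n + 1)
            gsub(/[ \t]/, "", k); gsub(/[ \t\r]/, "", v)
            if (k ~ re) last = v
        }
        END { if (last != "") print last }'
}

# Return 0 when the value is a plain number at or above MIN_LIMIT.
limit_is_mitigated() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge "$MIN_LIMIT" ]
}

# Print one report line: report LABEL VALUE
report() {
    if [ -z "$2" ]; then echo "$1: not set"
    elif limit_is_mitigated "$2"; then echo "$1: $2 (mitigated)"
    else echo "$1: $2 (below $MIN_LIMIT)"
    fi
}

# Live kernel value, if this system exposes the sysctl.
PROC=/proc/sys/net/ipv4/tcp_challenge_ack_limit
if [ -r "$PROC" ]; then report "running kernel" "$(cat "$PROC")"; fi
# Persistent configuration; the file order here is a simplification.
report "persistent config" \
    "$(configured_limit /etc/sysctl.d/*.conf /etc/sysctl.conf)"
```

A value that appears only under "running kernel" is lost at reboot, so the setting also needs to be present in the persistent configuration.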