F5 Networks BIG-IP : Linux TCP stack vulnerability (K46514822)
Medium Nessus Plugin ID 93136
Synopsis
The remote device is missing a vendor-supplied security patch.
Description
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack. (CVE-2016-5696)
Solution
Upgrade to one of the non-vulnerable versions listed in the F5 Solution K46514822.