CVE-2016-5696 Linux Kernel vulnerability has been recognized two weeks ago by some watchful researchers , who immediately informed the world of the Internet about the potential dangers waiting for them. This vulnerability can be exploited by an attack called with the umbrella term: “man in the middle attack” and is mainly conducted by off-path hackers. RedHat and many other companies informed their clients about the new foundings and described the issue the following way: ” Researchers have discovered a flaw in the Linux kernel’s TCP/IP networking subsystem implementation of the RFC 5961 challenge ACK rate limiting, that could allow an off-path attacker to inject payload into unsecured TCP connections.”
TCP handles almost 90% of our data, so yes, we can feel ourselves increasingly in danger and exposed to the pernicious will of cybercriminals. If they take advantage from this, they can steal some serious details from our habitual data exchange. We have found an excellent Patterns in the Void blog entry, where the first part explains the tiny little details of the possible exploit in such a way, it is understandable for the biggest laymen too. It is not only the high percentage of our data sent through TCP what makes the situation threatening, but the fact that 96,6% of Alexa top one million have Linux kernels. This number increases the significance of rapid decision-making and shouts for instant solution.
We have fascinating news for our past, present and future customers! BitNinja is able to overcome this vulnerability, as our developers made it able to catch and block the mischievous attackers who intend to harness this known weak point. Yesterday, (24 Aug) we released a new Bitninja version (1.11.29), which is officially and flawlessly tackling the issue. It is available for both, pro and free, versions.
Do you want to know more about the man-in-the-middle attack?
Watch this demo video, where they are displaying an off-path TCP attack through a side channel.
Read the original article written by the researchers who found CVE-2016-5696, here.