Описание
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used.
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-32296
- https://arxiv.org/abs/2209.12993
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.9
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4c2c8f03a5ab7cb04ec64724d7d176d00bcc91e5
- https://github.com/0xkol/rfc6056-device-tracker
- https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html
- https://www.debian.org/security/2022/dsa-5173
Связанные уязвимости
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
The Linux kernel before 5.17.9 allows TCP servers to identify clients ...