CVE-2016-5696

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-5696

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-5696.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-5696

Downstream

DEBIAN-CVE-2016-5696

DLA-609-1

DSA-3659-1

RHSA-2016:1631

RHSA-2016:1632

RHSA-2016:1633

RHSA-2016:1657

RHSA-2016:1664

RHSA-2016:1814

RHSA-2016:1815

RHSA-2016:1939

SUSE-SU-2016:2245-1

SUSE-SU-2016:2912-1

SUSE-SU-2016:2976-1

SUSE-SU-2016:3069-1

SUSE-SU-2016:3304-1

SUSE-SU-2017:0437-1

SUSE-SU-2017:0471-1

SUSE-SU-2017:1102-1

UBUNTU-CVE-2016-5696

USN-3070-1

USN-3070-2

USN-3070-3

USN-3070-4

USN-3071-1

Related

Published

2016-08-06T20:59:05.690Z

Modified

2025-11-28T11:34:29.320470Z

Severity

4.8 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L CVSS Calculator

Summary

[none]

Details

net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.

References

Affected packages

Git

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type: GIT
Repo: http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

75ff39ccc1bd5d3c455b6822ab09e533c551f758

github.com/torvalds/linux

Affected ranges

Type: GIT
Repo: https://github.com/torvalds/linux
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

75ff39ccc1bd5d3c455b6822ab09e533c551f758