Recently I wrote about a severe vulnerability (CVE-2016-5696) affecting Linux version 3.6, deployed in 2012. The flaw was discovered by researchers from the University of California, Riverside, and the U.S. Army Research Laboratory, who presented their findings at the USENIX Security 2016 conference.
The TCP/IP networking flaw allows attackers to spot communications between two entities and can be exploited to hijack the traffic and manipulate it if the exchange is not encrypted.
The attack is not considered a man-in-the-middle attack: the attackers just need to send spoofed packets to both sides of the connection, and to do so they only need to know the two IP addresses and destination ports.
According to the experts at Lookout security, the Linux vulnerability affects 80% of Android devices. It appears to have been introduced in Android version 4.4 (also called KitKat) and is still present in the current versions.
“Lookout recently discovered a serious exploit in TCP reported this week also impacts nearly 80% of Android, or around 1.4 billion devices, based on an install base reported by Statista. The vulnerability lets attackers obtain unencrypted traffic and degrade encrypted traffic to spy on victims.” reported Lookout security in a blog post.
The Linux vulnerability could be exploited by attackers to hijack traffic, inject malware into downloads and web pages, and run a wide range of attacks.
A patch for the Linux kernel has been available since July 11, 2016, but a check of the latest developer preview of Android Nougat shows that the Google OS is still affected by the flaw.
A Google spokesman confirmed that the company is already working on the issue by “taking the appropriate actions.” The Google representative highlighted that the Android security team only rates the risk “moderate.”
(Security Affairs – Linux CVE-2016-5696 flaw, Traffic Hijacking)