Linux TCP Flaw allows Hackers to Hijack Internet Traffic and Inject Malware Remotely

If you are using the Internet, there are the possibilities that you are open to attack.

The Transmission Control Protocol (TCP) implementation in all Linux systems deployed since 2012 (version 3.6 and above of the Linux kernel) poses a serious threat to Internet users, whether or not they use Linux directly.

This issue is troubling because Linux is used widely across the Internet, from web servers to Android smartphones, tablets, and smart TVs.

Researchers have uncovered a serious Internet flaw, which if exploited, could allow attackers to terminate or inject malware into unencrypted communication between any two vulnerable machines on the Internet.

The vulnerability could also be used to forcefully terminate HTTPS encrypted connections and downgrade the privacy of secure connections, as well as also threatens anonymity of Tor users by routing them to certain malicious relays.

The flaw actually resides in the design and implementation of the Request for Comments: 5961 (RFC 5961) – a relatively new Internet standard that's designed to make commonly used TCP more robust against hacking attacks.

TCP protocol is the heart of all Internet communications, as all application level protocols, including HTTP, FTP, SSH, Telnet, DNS, and SMTP, stand on TCP.

More at : https://thehackernews.com/2016/08/linux-tcp-packet-hacking.html

Thanks to Swati Khandelwal