Linux Vulnerability: 80% of Android Devices Are Affected

in #news, 8 years ago

A flaw in Linux leaves 1.4 billion Android devices vulnerable. No patch is available yet to correct this flaw, which affects the latest version of TCP, called "RFC 5961".

The vulnerability lies in the Transmission Control Protocol (TCP), which carries the vast majority of transfers made over the internet. The flaw in question concerns the latest version of TCP, called RFC 5961, as implemented in the Linux kernel.

At the 25th USENIX Security Symposium, held last week, researchers from Riverside University in California, together with experts from the US Army Research Laboratory, demonstrated that an attacker can use this vulnerability in the implementation to identify client-server connections made over TCP.

The attacker can then inject code and malware into the established communication. The two teams of experts showed how an attacker can achieve this by injecting code into a USA Today page.
This vulnerability can be used to terminate connections, take control of Internet communications, launch targeted attacks against connected users, hijack the communication between two people, or target users of the Tor network in order to strip away their anonymity.

The researchers said that this type of attack takes very little time and works in 90% of cases.
According to Andrew Blaich, a security expert at Lookout, devices running Android are also affected: 80% of devices currently on the market would be vulnerable, which is more than 1.4 billion smartphones or tablets.

The latest version of Android unveiled by Google is also affected. A patch has been created but is not yet released. Although this flaw is not within everyone's reach and is difficult to exploit, Andrew Blaich of Lookout recommends browsing only secure sites, that is, those that use HTTPS.


And I will need to buy a new phone just to get this patched up... "Too stupid to be stupid". Why didn't Google design Android to be hardware agnostic, or just force manufacturers to open-source their drivers?

I think it's on purpose - ultimate "planned obsolescence", we got our removable batteries, so they needed to create another reason you must upgrade once every few years.
I'm a developer (although not "low level"/OS, so I may be wrong on that) and I can't imagine why I can't just flash a new Android OS, then flash device-specific configs and drivers from a zip provided by manufacturers, and I'm updated? That's how PCs have rolled for years; it's a little messy and error-prone sometimes, but did you ever hear: "I must buy a new PC because of a newly discovered OS vulnerability"?

I read a recommendation to use a VPN on Android until the kernel is updated. What do you think, will it help???
