Short Bytes: Researchers have found a critical flaw that affects all Linux kernel versions 3.6 and later. If left unaddressed, this flaw allows a range of harmful blind off-path TCP attacks that can compromise the security of a Linux user with a success rate of 90%. The researchers have proposed certain changes and the implementation of a global TCP limit to prevent this exploit.
This weakness in the TCP implementation that Linux has used since 2012 could be used to mount targeted attacks, track a user’s online activity, and compromise the security of anonymity networks like Tor. The researchers are scheduled to present their research at the USENIX Security Symposium in Austin, Texas.
Here’s what researchers have to say about this attack:
What is the Off-Path TCP Exploit in Linux?
To send and receive information, Linux and other operating systems use the Transmission Control Protocol (TCP). To make sure that the packaged information reaches the correct destination, the Internet Protocol (IP) is used.
Let’s suppose two friends are communicating by email. TCP splits their messages into a series of data packets, each identified by a unique sequence number. Since there are almost 4 billion possible sequence numbers, it’s impossible to guess the sequence number associated with a particular communication.
The researchers have identified a flaw in Linux that lets an attacker deduce the TCP sequence numbers of a given connection. To do so, the attacker doesn’t need any information other than the IP addresses of the communicating computers.
Thus, this weakness can be used to track the online activities of users, terminate their communications, or inject malicious code. Even HTTPS connections, which are immune to code injection, could be terminated. The authors state that the attack is very fast, taking less than a minute, with a success rate of about 90%.
For detailed information on this TCP attack, you can download the research paper.