PSIRT Advisory

Linux kernel - challenge ack information leak

Summary

net/ipv4/tcp_input.c in certain Linux kernel versions does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.

Impact

Information disclosure

Affected Products

FortiOS versions

  • 5.2.8 and below
  • 5.4.0 & 5.4.1
FortiAnalyzer versions 5.4.0 & 5.4.1

Solutions

For FortiOS, upgrade to versions

  • 5.2.9 or
  • 5.4.2 or
  • 5.6.0
For FortiAnalyzer, upgrade to version
  • 5.4.2 

References