Exploit for #VU357 Man-in-the-middle attack in Linux kernel

Cybersecurity Help s.r.o.

Published: 2020-03-18 | Updated: 2020-04-07

Vulnerability identifier: #VU357

Vulnerability risk: Low

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2016-5696

CWE-ID: CWE-300

Exploitation vector: Network

Exploits in database: 2

April 7, 2020
- challack (Proof-of-concept exploit code for CVE-2016-5696) [Github]
March 18, 2020
- mountain_goat (A PoC demonstrating techniques exploiting CVE-2016-5696 Off-Path TCP Exploits: Global Rate Limit Considered Dangerous ) [Github]

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation