Linux TCP vulnerability still in Android Nougat
Lookout Security is relaying some new discussion of a vulnerability in the Linux 3.6 and later kernels. An estimated 80 percent of the Android user base (going all the way back to KitKat), or 1.4 billion devices, are under the gun of this off-path exploit.
In other words, this is not Quadrooter.
In a joint presentation at the USENIX Security Symposium, researchers at the University of California, Riverside, and the United States Army Research Laboratory were concerned about something called the Global Rate Limit.
As the center of the Internet Protocol, TCP isn’t really meant to be security-focused. Researchers found that hackers could essentially infer an unencrypted TCP connection between two points, determine the protocol sequence numbers and, thus, terminate the connection and/or inject data. It’s a difficult hack with an easy fix — easy in that it has existed since July 11 and is waiting to be applied to Android.
In a blog post, Lookout stated that it has not found that fix applied in the fifth developer preview of Android Nougat, released only a week after the fix.
Remember that Android isn’t the only Linux-based operating system around, but with its reach, this vulnerability will be most impactful here.