Off-Path TCP Exploits of the Challenge ACK Global Rate Limit.

In this paper, we report a subtle yet serious side channel vulnerability (CVE-2016-5696) introduced in a recent transmission control protocol (TCP) specification. The specification is faithfully implemented in Linux kernel version 3.6 (from 2012) and beyond, and affects a wide range of devices and hosts. In a nutshell, the vulnerability allows a blind off-path attacker to infer if any two arbitrar...