Linux Traffic Hijack Flaw Also Affects Most Android Phones, Tablets

Zack Whittaker, writing for ZDNet: As many as 80 percent of Android devices are vulnerable to a recently disclosed Linux kernel vulnerability. Security firm Lookout said in a blog post on Monday that the flaw affects all phones and tablets that are running Android 4.4 KitKat and later, which comes with the affected Linux kernel 3.6 or newer. According to recent statistics, the number of devices affected might run past 1.4 billion phones and tablets -- including devices running the Android Nougat developer preview. Windows and Macs are not affected by the vulnerability. The flaw, disclosed at the Usenix security conference last week, is complicated and difficult to exploit. If an attacker can pull off an exploit, they could inject malicious code into unencrypted web traffic from "anywhere". However, the source and destination IP address would need to be known in order to intercept the traffic, adding to the complexity of carrying out a successful attack.The exploitability isn't easy, though.

Re:What?

[quenda]

How is this different from a typical MITM attack?

The attacker does not have to be "in the middle" .
But standard defence against MITM - don't trust unencrypted connections - would work fine for this as well, I would think.

Patch already available (I think...)

[by+(1706743)]

Patch.

The link was from here, which also suggests a fix for unpatched systems:

echo 'net.ipv4.tcp_challenge_ack_limit = 999999999' >>/etc/sysctl.conf;sysctl -p

(Courtesy of this site.)

One more reason I hate Lenovo/Mororola support (NO

[blueskiesokie]

I love my Moto X Force. Motorola has absolutely no software support for their phones! There was one update to Android 6.0 Dec 15 . Absolutely no security updates!! So no fixes for ANY security issues.