A vulnerability has been found in the Linux networking stack that may allow a third party to terminate or inject false material into TCP sessions.
Default services like HTTPS and SSH will not be compromised by this false material, but connection terminations could occur.
To work around this issue, a setting within the TCP stack can be modified to make this vulnerability practically impossible to exploit.
This can be done by editing the file "/etc/config/rc.local", and adding the following line to it
echo 999999999 > /proc/sys/net/ipv4/tcp_challenge_ack_limit
This script will be executed on system boot.
Comments
0 comments
Article is closed for comments.