Toutes les versions d’Android incluant le noyau Linux 3.6 et ses versions ultérieures, sont affectés d’une faille de sécurité, révèlent les experts de Lookout. Toutes les explications -en Anglais- avec un article détaillé de Pierluigi Paganini. | via Security Affairs
Source : CVE-2016-569 Linux flaw leaves 1.4 billion Android devices vulnerableSecurity Affairs
Experts from Lookout revealed that all Android versions running the Linux Kernel 3.6 to the latest are affected by the CVE-2016-569 Linux flaw.
Recently I wrote about a severe vulnerability (CVE-2016-5696) affecting the Linux version 3.6, deployed in 2012. The flaw was discovered by researchers from the University of California, Riverside, and the U.S. Army Research Laboratory that presented their findings at the USENIX Security 2016 conference.
The TCP/IP networking flaw allows attackers to spot communications between two entities and can be exploited to hijack the traffic and manipulate it if the exchange is not encrypted.
The attack is not considerable a man-in-the-middle attack, the attackers just need to send spoofed packets to both sides of the connection by simply knowing their IP addresses and destination ports…
Source : CVE-2016-569 Linux flaw leaves 1.4 billion Android devices vulnerableSecurity Affairs
