Linux kernel - challange ack information leak Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-16-047 Final 1 1 2017-04-04T00:00:00 Current version 2017-04-04T00:00:00 2017-04-04T00:00:00 net/ipv4/tcp_input.c in certain Linux kernel versions does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack. Information disclosure FortiOS versions<ul> <li>5.2.8 and below</li>&lt;li&gt;5.4.0 &amp; 5.4.1&lt;/li&gt;</ul>FortiAnalyzer versions 5.4.0 & 5.4.1 For FortiOS, upgrade to versions5.2.9 or5.4.2 or5.6.0 or5.4.2 orupcoming 5.6.0 https://fortiguard.fortinet.com/psirt/FG-IR-16-047 Linux kernel - challange ack information leak https://nvd.nist.gov/vuln/detail/CVE-2016-5696 https://nvd.nist.gov/vuln/detail/CVE-2016-5696 CVE-2016-5696 0 https://fortiguard.fortinet.com/psirt/FG-IR-16-047 Linux kernel - challange ack information leak Reference> https://nvd.nist.gov/vuln/detail/CVE-2016-5696 https://nvd.nist.gov/vuln/detail/CVE-2016-5696