Linux TCP implementation flaw puts a billion plus Android smartphones to risk of snooping on their encrypted communication by hackers
Over a billion plus Android smartphone owners around the world are at risk from hackers sniffing their encrypted and unencrypted communication between friends or banking websites. The flaw discovered by Lookout security researchers lies in the way Linux kernel implements the TCP protocol and affects a large portion of the Android ecosystem.
The vulnerability has been deemed as critical and assigned CVE-2016-5696. Called the Linux TCP Bug, the flaw affects about 80 percent of all Android devices in circulation which means a billion plus Android smartphone owners should be worried.
Android operating system is affected by this bug because Android ecosystem is built on a modified version of the Linux kernel.
The Linux TCP Bug allows potential hackers probe servers or users for active connections and then sniff the packet sequence. Consequentially this allows the hacker to enter the packet flow between two parties, sniff on unencrypted traffic, or to shut down encrypted connections.
Lookout says that all Linux kernel versions between v3.6 and up to v4.7 are vulnerable. This means that all Android smartphones and tablets running on Android OS 4.4 KitKat and above are vulnerable to this type of attack.
Lookout said that it has already informed Google and Android security team about the flaw and the same should be patched in upcoming Android update. However, Google patches dont percolate to majority of Android smartphone users due to lethargy of smartphone manufacturers. This makes almost all Android smarpthones and tablets vulnerable but Lookout says that it didnt find the vulnerability being exploited in wild as of today.
The Linux Foundation has already taken all the steps to mitigate this security flaw and has patched the Linux kernel on July 11, 2016.
Users can do this by using encrypted apps, navigating sites via their HTTPS versions, or by employing a VPN. For more technical users, the Lookout team recommends the following steps:
“ If you have a rooted Android device you can make this attack harder by using the sysctl tool and changing the value for net.ipv4.tcp_challenge_ack_limit to something very large, e.g. net.ipv4.tcp_challenge_ack_limit = 999999999 ”
