Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.9
- https://github.com/0xkol/rfc6056-device-tracker
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CyberSecAI/top25_cwe_assign_compare