PT-2024-28734 · Tcp · Tcp
Daniel Gruss +1 · Published 2024-07-03 · Updated 2024-08-05 · CVE-2024-39920
CVSS v3.1: 4.3 (Medium)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
TCP protocol (affected versions not specified)
Description
The issue is related to a timing side channel in the TCP protocol, making it easier for remote attackers to infer the content of one TCP connection from a client system to any server. This can occur when the client system is concurrently obtaining TCP data at a slow rate from an attacker-controlled server. The attack can begin by measuring RTTs via the TCP segments whose role is to provide an ACK control bit and an Acknowledgment Number.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Affected Products
Tcp