Source: myhack58 | Author: anonymous | ID: MYHACK58:62201682103
Published: Dec 15, 2016 - 12:00 a.m.

UCloud-201612-002: Linux kernel privilege escalation vulnerability security alert

www.myhack58.com

CVSS3: 7.8 High
  Attack Vector: LOCAL
  Attack Complexity: LOW
  Privileges Required: LOW
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: HIGH
  Availability Impact: HIGH
  Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.2 High
  Access Vector: LOCAL
  Access Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: COMPLETE
  Integrity Impact: COMPLETE
  Availability Impact: COMPLETE
  Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.0004 Low (percentile 7.9%)

Dear UCloud users:

The Linux kernel has been confirmed to contain a high-risk race condition vulnerability. Exploiting it lets a low-privileged process execute kernel code, so the impact is serious. Please check whether the kernel you are running is in the affected range and upgrade promptly.

Scope of impact

CentOS 5 and 6: not affected
CentOS 7: not affected by default (affected once namespaces are enabled)
Ubuntu 12.04 and 14.04: affected
Debian 7 and 8: affected

Solution

Back up your data before starting, in case something goes wrong after the kernel is patched.

  1. Compile the fix yourself. The fix code can be downloaded from:
    http://t.cn/RI7nIH3
  2. Download the update through the package manager. A reboot is required after the update for it to take effect:
    1) CentOS 7 upgrade method:
    No official fix package has been released yet
    2) Ubuntu:
    sudo apt-get update
    sudo apt-get install linux-image-generic
    sudo reboot
    Run uname -a to view the system version; if it shows the following, the upgrade succeeded:
    ubuntu 14.04 : 3.13.0-105.152
    ubuntu 12.04 : 3.2.0-118.161
    3) Debian:
    No update package has been published on the official website yet
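
The post-upgrade check in step 2 can be scripted. The following is an added example, not part of the original advisory: it compares an Ubuntu kernel build against the two fixed versions listed above. It assumes the build string comes from /proc/version_signature (an Ubuntu-kernel file); the function names and sample signatures are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): is this Ubuntu kernel build at or
# past the fixed build the advisory lists for the release?

# Fixed builds exactly as stated in the advisory.
fixed_version() {
    case "$1" in
        14.04) echo "3.13.0-105.152" ;;
        12.04) echo "3.2.0-118.161" ;;
        *) return 1 ;;
    esac
}

# Pull "base-ABI.upload" out of a signature line or a bare version string.
extract_version() {
    printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+-[0-9]+\.[0-9]+' | head -n 1
}

# Prints one of: patched | vulnerable | unknown
kernel_status() {
    ks_fixed=$(fixed_version "$1") || { echo unknown; return 0; }
    ks_run=$(extract_version "$2") || true
    [ -n "$ks_run" ] || { echo unknown; return 0; }
    # A different base version is another kernel series (for example an HWE
    # kernel); the advisory's numbers cannot be compared against it.
    [ "${ks_run%%-*}" = "${ks_fixed%%-*}" ] || { echo unknown; return 0; }
    ks_r=${ks_run#*-}; ks_f=${ks_fixed#*-}          # "ABI.upload"
    ks_r_abi=${ks_r%%.*}; ks_r_up=${ks_r#*.}
    ks_f_abi=${ks_f%%.*}; ks_f_up=${ks_f#*.}
    if [ "$ks_r_abi" -gt "$ks_f_abi" ] ||
       { [ "$ks_r_abi" -eq "$ks_f_abi" ] && [ "$ks_r_up" -ge "$ks_f_up" ]; }; then
        echo patched
    else
        echo vulnerable
    fi
}

# Constructed sample signatures (not captured from real hosts). On a live host:
#   kernel_status "$(lsb_release -rs)" "$(cat /proc/version_signature)"
while IFS='|' read -r rel sig; do
    printf '%-6s %-46s %s\n' "$rel" "$sig" "$(kernel_status "$rel" "$sig")"
done <<'EOF'
14.04|Ubuntu 3.13.0-105.152-generic 3.13.11-ckt39
14.04|Ubuntu 3.13.0-103.150-generic 3.13.11-ckt39
12.04|Ubuntu 3.2.0-118.161-generic 3.2.83
14.04|Ubuntu 4.4.0-53.74~14.04.1-generic 4.4.30
EOF
```

An "unknown" result means the advisory gives no fixed build for that release or kernel series, so the vendor's own security notice has to be consulted instead.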

Vulnerability details

CVE-2016-8655: A race condition vulnerability exists in the Linux kernel (net/packet/af_packet.c) that can allow a low-privileged process to gain kernel code execution. The vulnerability has been present since as early as 2011 (v3.2-rc1) and was fixed in November 2016 in v4.9-rc8.
POC: https://www.exploit-db.com/exploits/40871/
