myhack58 | Anonymous | MYHACK58:62201785273
Apr 15, 2017 - 12:00 a.m.

Linux kernel ipv4/udp.c remote arbitrary code execution (CVE-2016-10229) - vulnerability warning - Black Bar Safety Net

2017-04-15 00:00:00
Anonymous
www.myhack58.com

CVSS3: 9.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2: 10 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.048 Low
Percentile: 91.9%

Vulnerability description
The Linux kernel is the kernel of the Linux operating system, released by the Linux Foundation in the United States. A security vulnerability exists in the udp.c file of Linux kernel versions before 4.5. udp.c allows a remote attacker to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag. A remote attacker can carefully construct data to execute arbitrary code, which can further lead to local privilege escalation, so this is a high-risk vulnerability. In practice, however, UDP-based services rarely use the MSG_PEEK flag, so the range of systems exposed to remote command execution through this vulnerability is limited.
The vulnerability was discovered by Eric Dumazet of Google, who said it stems from a Linux kernel patch from the end of 2015.
Vulnerability number
CVE-2016-10229
Scope of impact
According to the disclosure on the official CVE website, Linux kernel versions earlier than 4.5 are affected by the vulnerability.
Affected Google Android devices: Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Pixel C, Android One, Nexus Player, and other related OEM versions.
Ubuntu 12.04 and Ubuntu 14.04 series are affected; versions 16.04, 16.10, and 17.04 are not affected;
Debian 6, Debian 7, and Debian 8 series are affected;
SUSE 12 and 12SP1 series are affected; SUSE 12SP2, 11, and earlier versions are not affected;
RedHat Linux 5, 6, and 7 series are not affected;
Solution
Some major Linux distributions, such as Ubuntu and Debian, deployed fixed builds as early as February of this year; Red Hat stated that its Linux distributions are not affected by the vulnerability. Google also released corresponding patches for Android in this month's Android Security Bulletin.
Vendors have released upgrade patches to fix this security issue. The patch is available at:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=197c949e7798fbf28cfadc69d9ca0c2abbf931
Enterprises where the vulnerability exists are advised to assess their attack surface according to their own business situation and then apply the appropriate fix.
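
To gauge the attack surface described above, one can look for receive calls that pass MSG_PEEK in the C sources of in-house UDP services. The following is an added example, not part of the original advisory: the function names and the sample source are constructed for illustration, and it only catches a literal MSG_PEEK in the call's arguments, so flags passed through a variable still need manual review.

```python
import re

# Constructed sample C source, used only to exercise the scanner.
SAMPLE = '''\
#include <sys/socket.h>
/* recv(fd, buf, n, MSG_PEEK) in a comment must not count */
int probe(int fd, char *buf, size_t n) {
    int s = socket(AF_INET, SOCK_DGRAM, 0);
    ssize_t len = recvfrom(s, buf, n,
                           MSG_PEEK | MSG_DONTWAIT, NULL, NULL);
    return recv(fd, buf, n, 0) + (int)len;
}
'''

# Receive calls whose flags argument can carry MSG_PEEK.
RECV_CALL = re.compile(r'\b(recv|recvfrom|recvmsg|recvmmsg)\s*\(')

def strip_comments(src):
    """Blank out C comments, keeping newlines so line numbers stay valid."""
    return re.sub(r'/\*.*?\*/|//[^\n]*',
                  lambda m: re.sub(r'[^\n]', ' ', m.group(0)), src, flags=re.S)

def call_args(src, open_idx):
    """Return the text between the '(' at open_idx and its matching ')'."""
    depth = 0
    for i in range(open_idx, len(src)):
        if src[i] == '(':
            depth += 1
        elif src[i] == ')':
            depth -= 1
            if depth == 0:
                return src[open_idx + 1:i]
    return src[open_idx + 1:]  # unbalanced call: take the remainder

def find_peek_calls(src):
    """List (line, function) for every receive call that passes MSG_PEEK."""
    src = strip_comments(src)
    hits = []
    for m in RECV_CALL.finditer(src):
        if re.search(r'\bMSG_PEEK\b', call_args(src, m.end() - 1)):
            hits.append((src.count('\n', 0, m.start()) + 1, m.group(1)))
    return hits

def audit(src):
    """Exposure indicators for one file: peeking calls and any UDP socket."""
    return {"peek_calls": find_peek_calls(src),
            "udp_socket": "SOCK_DGRAM" in strip_comments(src)}

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A file that reports both a peeking call and a UDP socket is a candidate for priority patching; the scan does not confirm that the two refer to the same socket.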
