myhack58, anonymous author, MYHACK58:62201787113
Jun 17, 2017 - 12:00 a.m.

Lurking for over 11 years: the Linux kernel vulnerability "Phoenix Talon" is disclosed

Early last month, Venustech (Qiming Xingchen) ADLab reported four remote vulnerabilities in the Linux kernel and named them "Phoenix Talon". One of them is rated Critical and the other three are rated High. Yesterday ADLab published the details of the Critical vulnerability. The four vulnerabilities affect all Linux kernel versions from 2.5.69 to 4.11.
According to Venustech, the vulnerabilities can lead to remote DoS and, when certain exploitation conditions are met, to remote code execution. The transport-layer protocols TCP, DCCP and SCTP and the network-layer protocols IPv4 and IPv6 are all affected.
Vulnerability numbers
CVE-2017-8890
CVE-2017-9075
CVE-2017-9076
CVE-2017-9077
Vulnerability level
CVE-2017-8890: Critical
CVE-2017-9075: High
CVE-2017-9076: High
CVE-2017-9077: High
Note: ratings follow the CVSS 3.0 standard.
Vulnerability description
CVE-2017-8890
In the Linux kernel as of version 4.10.15, the inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c could allow an attacker to cause a DoS (double free), or to have other impact through use of the accept() system call.
This is the most serious of the four vulnerabilities. It is essentially a double free, triggered by using the MCAST_JOIN_GROUP option of setsockopt() and then calling accept().
CVE-2017-9075
In Linux kernel version 4.11.1, the sctp_v6_create_accept_sk function in net/sctp/ipv6.c mishandles inheritance. A local user can cause a DoS, or have other impact through crafted system calls. This vulnerability is related to CVE-2017-8890.
CVE-2017-9076
In the Linux kernel as of version 4.11.1, the dccp_v6_request_recv_sock function in net/dccp/ipv6.c mishandles inheritance. A local user can cause a DoS, or have other impact through crafted system calls. This vulnerability is related to CVE-2017-8890.
CVE-2017-9077
In the Linux kernel as of version 4.11.1, the tcp_v6_syn_recv_sock function in net/dccp/ipv6.c mishandles inheritance. A local user can cause a DoS, or have other impact through crafted system calls. This vulnerability is related to CVE-2017-8890.
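The double free described for CVE-2017-8890, and the "mishandled inheritance" in the three related clone functions, can be modeled in user space. This is an added example, not kernel code and not code from ADLab; the struct and function names are hypothetical stand-ins, and a release counter replaces free() so the defect can be observed safely.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified stand-ins for kernel objects; all names here are hypothetical. */
struct mc_entry { unsigned group; int releases; };
struct sock_model { struct mc_entry *mc_list; };

/* Models setsockopt(MCAST_JOIN_GROUP): the socket now owns one membership entry. */
static void join_group(struct sock_model *sk, unsigned group) {
    sk->mc_list = calloc(1, sizeof(*sk->mc_list));
    if (!sk->mc_list) abort();
    sk->mc_list->group = group;
}

/* Models the clone that accept() performs to create the child socket. */
static struct sock_model *clone_sock(const struct sock_model *parent, int hardened) {
    struct sock_model *child = malloc(sizeof(*child));
    if (!child) abort();
    *child = *parent;                        /* child inherits the parent's mc_list pointer */
    if (hardened) child->mc_list = NULL;     /* child starts with no memberships of its own */
    return child;
}

/* Models close(): release the list this socket believes it owns. A counter
   stands in for free() so the double release is observable without UB. */
static void close_sock(struct sock_model *sk) {
    if (sk->mc_list) sk->mc_list->releases++;
    sk->mc_list = NULL;
}

/* Returns how many times the single membership entry was released. */
int releases_after_accept(int hardened) {
    struct sock_model listener = { NULL };
    join_group(&listener, 0xE0000001u);      /* constructed sample group id */
    struct mc_entry *entry = listener.mc_list;
    struct sock_model *child = clone_sock(&listener, hardened);
    close_sock(child);
    close_sock(&listener);
    int releases = entry->releases;
    free(child);
    free(entry);
    return releases;
}

int main(void) {
    printf("plain clone: %d releases\n", releases_after_accept(0));
    printf("hardened clone: %d releases\n", releases_after_accept(1));
    return 0;
}
```

Two releases of the same entry is the double free; with the inherited pointer cleared in the clone, only the listener releases it.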
Solution
Venustech ADLab reported the vulnerabilities to the Linux kernel community, and the Linux community merged the patches that fix the issue in Linux 4.12-rc1.
Alternatively, users can harden the kernel with Grsecurity/PaX.