Linux high-risk vulnerability exposure: Linux kernel ipv4/udp.c remote arbitrary code execution

650) this.width=650; "src=" Http://img.mp.sohu.com/upload/20170515/60e42b6378ee43248a862fa4722117e9.png "alt=" 60e42b6378ee43248a862fa4722117e9.png "/>

Vulnerability description

Linux kernel is the kernel used by the Linux Foundation's operating system Linux. The udp.c file in the previous version of Linux kernel 4.5 has a security gap, and the udp.c in theLinux kernel promises long-distance attackers to perform arbitrary code through UDP traffic that performs with Msg_ Peek symbol of the recv system calls to trigger unsafe 2nd checksum accounting, long-distance attackers can carefully construct data to fulfill arbitrary code, further resulting in local power, attributed to high-risk gap. However, due to the actual situation, according to the service of the UDP protocol, the Msg_peek symbol is less in real use, and the gap damage affected by the long-distance instruction is limited by the collective scale.

The vulnerability was found by Eric Dumazet of Google, who said the vulnerability stemmed from a Linux kernel patch at the end of 2015.

Vulnerability number

cve-2016-10229

Impact Range

According to the CVE website, when Linux kernel version is less than 4.5, it is affected by this vulnerability.

Google Android affected Distributions: Nexus 5X, Nexus 6, Nexus 6P, Pixel, Pixel XL, Pixel C, Android One, Nexus Player. and other related OEM versions.

Ubuntu 12.04, Ubuntu 14.04 series affected, Version (16.04, 16.10, 17.04) is not affected;

Debian 6, Debian 7, Debian 8 series are affected;

The SuSE 12 and 12SP1 series are affected; SuSE 12sp2 and 11 and earlier versions are not affected;

RedHat Linux 5, 6, 7 series not affected;

Remediation Scenarios

Some of the major Linux distributions, such as Ubuntu and Debian, have been deployed as early as this February, and Red hat says its Linux distributions are not affected by the vulnerability. Google has also released patches for Android in this month's Android security bulletins.

The vendor has released an upgrade patch to fix this security issue, and the patch gets the link:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=197c949e7798fbf28cfadc69d9ca0c2abbf931

It is recommended that the company that has the vulnerability, in accordance with its own business situation, consider the attack surface and fix it as appropriate.

Original link: http://www.magedu.com/71583.html

This article is from the "Marco Linux Training" blog, so be sure to keep this source http://mageedu.blog.51cto.com/4265610/1925963

Linux high-risk vulnerability exposure: Linux kernel ipv4/udp.c remote arbitrary code execution