Remote code execution vulnerability in kernel networking subsystem CVE-2016-10229

Tracked by Jolla (In progress)

asked 2017-04-03 23:03:05 +0300

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2017-04-04 12:05:21 +0300

lpr gravatar image

udp: properly support MSG_PEEK with truncated buffers

this critical remote attackable vulnerability was patched in 3.4.113 and this patch should be added to sfos kernel as soon as possible ( source: Google Android security bulletin )...

Description ( NVD ): udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

edit retag flag offensive close delete

Comments

1

1st april prank? Google says CVE-2016-10229 does not exists.

coderus ( 2017-04-03 23:37:02 +0300 )edit
1
1

@coderus severity: critical
we have to fear malicious udp-packets

lpr ( 2017-04-03 23:50:19 +0300 )edit
1

CVE-2016-10229 is not (properly?) assigned. There are no any references of this vulnerability.

You fear everything, i'm not even suprised.

coderus ( 2017-04-03 23:51:57 +0300 )edit
1

@coderus it is properly assiged but information hold back that people are able to patch and normal distros are not affected anymore because they patched long time ago. Patch for kernel3.4 entered 2016-10-26 and recent kernels are not affected due to code redesign

lpr ( 2017-04-03 23:54:21 +0300 )edit