SoylentNews is people

posted by martyb on Tuesday May 14 2019, @04:30PM
from the does-this-also-affect-Android? dept.

Submitted via IRC for AnonymousLuser:

Linux Kernel Prior to 5.0.8 Vulnerable to Remote Code Execution

Linux machines running distributions powered by kernels prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free, related to net namespace cleanup, exposing vulnerable systems to remote attacks.

Potential attackers could exploit the security flaw found in Linux kernel's rds_tcp_kill_sock TCP/IP implementation in net/rds/tcp.c to trigger denial-of-service (DoS) states and to execute code remotely on vulnerable Linux machines.

The attacks can be launched with the help of specially crafted TCP packets sent to vulnerable Linux boxes which can trigger use-after-free errors and enable the attackers to execute arbitrary code on the target system.

The remotely exploitable vulnerability has been assigned an 8.1 high-severity base score by NIST's NVD. It is being tracked as CVE-2019-11815 (Red Hat, Ubuntu, SUSE, and Debian) and could be abused by unauthenticated attackers without interaction from the user.

Luckily, because the attack complexity is high, the vulnerability received an exploitability score of 2.2 while the impact score is limited to 5.9.

[...] The Linux kernel developers issued a patch for the CVE-2019-11815 issue in late March and fixed the flaw in Linux kernel version 5.0.8, released on April 17.
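
A first-pass host check for the issue described above, as an added example that is not part of the original story: it compares a kernel release string with the 5.0.8 threshold the article gives and looks for the RDS-over-TCP module in a /proc/modules listing. The module name rds_tcp is inferred from net/rds/tcp.c, the function names and sample data are constructed, and a distribution kernel that backports the fix will still report an older version number.

```shell
#!/bin/sh
# Added example, not from the article. The 5.0.8 threshold is the article's;
# the module name rds_tcp is an assumption inferred from net/rds/tcp.c.

# kernel_predates_fix RELEASE: succeeds if the upstream version is below 5.0.8.
kernel_predates_fix() {
    ver=${1%%-*}                          # drop suffix such as -47-generic
    old_ifs=$IFS; IFS=.
    set -- $ver                           # split into major, minor, patch
    IFS=$old_ifs
    maj=${1:-0}; min=${2:-0}; pat=${3:-0}
    pat=${pat%%[!0-9]*}; pat=${pat:-0}    # "0+" becomes 0
    if [ "$maj" -lt 5 ]; then return 0; fi
    if [ "$maj" -gt 5 ] || [ "$min" -gt 0 ]; then return 1; fi
    [ "$pat" -lt 8 ]
}

# rds_tcp_loaded: reads /proc/modules-style text on stdin; the first field of
# each line is the module name.
rds_tcp_loaded() {
    awk '$1 == "rds_tcp" { hit = 1 } END { exit !hit }'
}

# triage RELEASE < modules-listing: prints one status word.
triage() {
    if ! kernel_predates_fix "$1"; then
        echo "fixed-upstream"             # 5.0.8 or later
    elif rds_tcp_loaded; then
        echo "review-now"                 # older kernel and module is loaded
    else
        echo "module-absent"              # older kernel, module not loaded
    fi
}

# Constructed sample of /proc/modules content (not captured from a real host).
sample_modules() {
    printf '%s\n' \
        'rds_tcp 28672 0 - Live 0xffffffffc0a3b000' \
        'rds 126976 1 rds_tcp, Live 0xffffffffc0a10000' \
        'ext4 737280 1 - Live 0xffffffffc0720000'
}

sample_modules | triage 4.15.0-47-generic   # constructed release string
```

On a live host the same check is `triage "$(uname -r)" < /proc/modules`. Where the module is not needed, a `blacklist rds_tcp` entry under /etc/modprobe.d/ keeps it from being auto-loaded until the kernel is updated.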


  • (Score: 1, Interesting) by Anonymous Coward on Tuesday May 14 2019, @05:10PM (12 children)

    by Anonymous Coward on Tuesday May 14 2019, @05:10PM (#843486)

    They are saying it's affecting all kernels prior to 5.0.8, does it go down to 1.0? Or is it only for the 5.0 series?

  • (Score: 2, Funny) by Anonymous Coward on Tuesday May 14 2019, @05:44PM (5 children)

    by Anonymous Coward on Tuesday May 14 2019, @05:44PM (#843507)

    They are saying it's affecting all kernels prior to 5.0.8, does it go down to 1.0? Or is it only for the 5.0 series?

    This:
    https://www.securityfocus.com/bid/108283 [securityfocus.com]
    Will answer your question.

    The above was linked from the CVE Entry [mitre.org] linked in TFS.

    There's plenty of other information there too. You might want to take a look, as I dropped my spoon and the five second rule has elapsed. As such, I am unable to feed you any more.

    • (Score: 2) by Freeman on Tuesday May 14 2019, @06:12PM

      by Freeman (732) on Tuesday May 14 2019, @06:12PM (#843518) Journal

      So, basically anything within the last 2 decades or so.

      --
      Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
    • (Score: 4, Informative) by janrinok on Tuesday May 14 2019, @06:14PM (3 children)

      by janrinok (52) Subscriber Badge on Tuesday May 14 2019, @06:14PM (#843519) Journal

      It goes back to Kernel 2.0.

      Just because it exists doesn't mean it has been exploited.

      • (Score: 2) by Freeman on Tuesday May 14 2019, @08:12PM

        by Freeman (732) on Tuesday May 14 2019, @08:12PM (#843568) Journal

        True, but it could have been exploited. Given that it's now public knowledge. You're going to want to update everything that matters.

        --
        Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
      • (Score: 0) by Anonymous Coward on Wednesday May 15 2019, @05:34AM (1 child)

        by Anonymous Coward on Wednesday May 15 2019, @05:34AM (#843702)

        No it doesn't, it was introduced in 2015. It's also in an obscure module you very likely haven't loaded so this is not a big thing. Look at the git log.

  • (Score: 0) by Anonymous Coward on Tuesday May 14 2019, @05:48PM

    by Anonymous Coward on Tuesday May 14 2019, @05:48PM (#843510)

    5.x is just a number and way too recent, assume at least 4.x is also vulnerable... better yet, assume way back to v0.x until you get a better range

  • (Score: 2) by RS3 on Tuesday May 14 2019, @06:05PM (2 children)

    by RS3 (6367) on Tuesday May 14 2019, @06:05PM (#843516)

    Article doesn't say. We'd need to know when the vulnerability was introduced into the kernel tree. More research needed... quick search didn't reveal code history...

  • (Score: 2) by sshelton76 on Tuesday May 14 2019, @06:07PM

    by sshelton76 (7978) on Tuesday May 14 2019, @06:07PM (#843517)

    Looking at the diff
    https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/diff/?id=cb66ddd156203daefb8d71158036b27b0e2caf63 [kernel.org]

    That has probably been there since Linus was in Jr High.

  • (Score: 1) by Zappy on Wednesday May 15 2019, @08:26AM

    by Zappy (4210) on Wednesday May 15 2019, @08:26AM (#843734)

    According to RedHat the bug was introduced with commit bdf5bd7f21323493dbe5f2c723dc33f2fbb0241a dated 19 Mar 2018.

    So it's introduced in the 4.14/4.15 era.