Vigilance Computer Vulnerability Alerts watches public vulnerabilities impacting your computers, describes security patches, and then alerts you to fix them.

Vulnerability of Linux kernel: denial of service via /proc/net/udp

Synthesis of the vulnerability 

An attacker can read from /proc/net/udp in order to stop the system.
Vulnerable products: Kernel Linux.
Severity of this weakness: 1/4.
Creation date: 01/04/2009.
References of this bulletin: BID-34329, BID-34333, CVE-2009-1243, VIGILANCE-VUL-8586.

Description of the vulnerability 

The /proc/net/udp pseudo file lists the listening UDP sockets and established UDP sessions (its content is equivalent to the output of "netstat -aun").

To handle simultaneous accesses to this file, the kernel uses a lock. When a user requests a read() on this file, the kernel takes the lock, sends the data, and then releases the lock.

If the user requests a read() of zero bytes on this file, the kernel has no data to send and does not need to take the lock. However, at the end of the call, it still tries to release a lock that is not held. This error stops the kernel.

An attacker can therefore read from /proc/net/udp in order to stop the system.
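The failure mode described above is a lock imbalance: the lock is taken only on the path that has data to send, but the release at the end of the call is unconditional. The following userspace model is an added illustration written for this bulletin, not kernel code and not the actual fix; it assumes a seq_file-style start()/stop() pair and a constructed lock that, like the kernel's spinlock debugging, reports a release of a lock that is not held instead of crashing. The fixed variant only releases what start() actually took.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model of a lock with owner bookkeeping (assumption: the
 * kernel's CONFIG_DEBUG_SPINLOCK / lockdep report this imbalance as an
 * "already unlocked" / "bad unlock balance" error; here we return EPERM). */
struct model_lock {
    int held;
};

static void model_lock_acquire(struct model_lock *l)
{
    l->held = 1;
}

/* Returns 0 on a balanced release, EPERM if the lock was never taken. */
static int model_lock_release(struct model_lock *l)
{
    if (!l->held)
        return EPERM;
    l->held = 0;
    return 0;
}

/* Reader state for one read() call on the pseudo file (hypothetical). */
struct reader_state {
    struct model_lock lock;
    int locked_by_start;   /* bookkeeping the fixed stop() relies on */
};

/* start(): the lock is only needed when there is something to walk. */
static void reader_start(struct reader_state *st, size_t len)
{
    st->locked_by_start = 0;
    if (len > 0) {
        model_lock_acquire(&st->lock);
        st->locked_by_start = 1;
    }
}

/* Buggy stop(): unconditional release, the pattern the bulletin describes. */
static int reader_stop_buggy(struct reader_state *st)
{
    return model_lock_release(&st->lock);
}

/* Fixed stop(): release only if start() took the lock. */
static int reader_stop_fixed(struct reader_state *st)
{
    if (!st->locked_by_start)
        return 0;
    st->locked_by_start = 0;
    return model_lock_release(&st->lock);
}

/* Simulate one read() of 'len' bytes; returns the result of the release
 * step: 0 when balanced, EPERM when an unheld lock was released. */
int simulate_read(size_t len, int use_fixed_stop)
{
    struct reader_state st = { { 0 }, 0 };
    reader_start(&st, len);
    return use_fixed_stop ? reader_stop_fixed(&st) : reader_stop_buggy(&st);
}

int main(void)
{
    printf("buggy stop, 0-byte read : %d (EPERM=%d)\n", simulate_read(0, 0), EPERM);
    printf("buggy stop, 64-byte read: %d\n", simulate_read(64, 0));
    printf("fixed stop, 0-byte read : %d\n", simulate_read(0, 1));
    printf("fixed stop, 64-byte read: %d\n", simulate_read(64, 1));
    return 0;
}
```

The model shows why the defect only appears for a zero-byte read: every non-empty read takes the lock in start(), so the unconditional release in stop() is balanced; only the empty read skips the acquire. The general defensive rule is that the release path must mirror the acquire path's condition (or carry explicit state, as the fixed variant does), and that lock-debugging options should be enabled on test kernels so such imbalances are reported rather than corrupting the lock state silently.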


This weakness note impacts software or systems such as Kernel Linux.

Our Vigilance Computer Vulnerability Alerts team determined that the severity of this threat note is low.

Trust level: confirmed by the editor (vendor). Attack origin: user shell.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with technician-level skills can exploit this weakness.

Solutions for this threat 

Linux kernel: version 2.6.30.
Version 2.6.30 is corrected:
  ftp://ftp.kernel.org/pub/linux/kernel/v2.6/

Linux kernel: version 2.6.29.1.
Version 2.6.29.1 is corrected:
  http://www.kernel.org/pub/linux/kernel/v2.6/

Linux kernel: patch for /proc/net/udp.
A patch is available in information sources.

