The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.
Linux kernel: integer overflow via packet_set_ring
Synthesis of the vulnerability
A privileged attacker can generate an integer overflow via packet_set_ring() on the Linux kernel, in order to trigger a denial of service, and possibly to run code. Severity of this computer vulnerability: 1/4.
Creation date: 03/04/2017.
Revision dates: 11/05/2017, 16/05/2017.
References of this announcement: BSA-2017-323, BSA-2017-325, BSA-2017-326, BSA-2017-327, BSA-2017-328, BSA-2017-330, BSA-2017-331, CERTFR-2017-AVI-141, CERTFR-2017-AVI-162, CERTFR-2017-AVI-282, CERTFR-2017-AVI-311, CVE-2017-7308, DLA-922-1, FEDORA-2017-26c9ecd7a4, FEDORA-2017-3a9ec92dd6, FEDORA-2017-502cf68d68, FEDORA-2017-8e7549fb91, K82224417, openSUSE-SU-2017:1140-1, openSUSE-SU-2017:1215-1, RHSA-2017:1297-01, RHSA-2017:1298-01, RHSA-2017:1308-01, RHSA-2018:1854-01, SUSE-SU-2017:1183-1, SUSE-SU-2017:1247-1, SUSE-SU-2017:1301-1, SUSE-SU-2017:1360-1, SUSE-SU-2017:1990-1, SUSE-SU-2017:2342-1, SUSE-SU-2017:2525-1, USN-3256-1, USN-3256-2, VIGILANCE-VUL-22306.
Description of the vulnerability
A privileged attacker can generate an integer overflow via packet_set_ring() on the Linux kernel, in order to trigger a denial of service, and possibly to run code.
This threat alert impacts software or systems such as Brocade vTM, Debian, BIG-IP Hardware, TMOS, Fedora, Android OS, Linux, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Synology DS***, Synology RS***, Ubuntu.
Our Vigil@nce team determined that the severity of this computer vulnerability bulletin is low.
The trust level is "confirmed by the editor", and the origin of the attack is a privileged shell.
A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with beginner-level skills can exploit this weakness.
Solutions for this threat
Linux kernel: version 4.10.14.
The version 4.10.14 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v4.x/
Linux kernel: version 4.10.11.
The version 4.10.11 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v4.x/
Linux kernel: version 4.9.26.
The version 4.9.26 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v4.x/
Linux kernel: version 4.9.23.
The version 4.9.23 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v4.x/
Linux kernel: version 4.4.66.
The version 4.4.66 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v4.x/
Linux kernel: version 4.4.62.
The version 4.4.62 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v4.x/
Linux kernel: version 4.1.41.
The version 4.1.41 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.1.41.tar.xz
Linux kernel: version 3.18.52.
The version 3.18.52 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v3.x/
Linux kernel: version 3.18.49.
The version 3.18.49 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v3.x/
Linux kernel: version 3.16.44.
The version 3.16.44 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v3.x/linux-3.16.44.tar.xz
Linux kernel: version 3.12.74.
The version 3.12.74 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v3.x/
Linux kernel: version 3.10.107.
The version 3.10.107 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v3.x/
Linux kernel: version 3.2.89.
The version 3.2.89 is fixed:
https://cdn.kernel.org/pub/linux/kernel/v3.x/linux-3.2.89.tar.xz
Linux kernel: patch for packet_set_ring.
A patch is indicated in information sources.
Android OS: patches 2017-07-01 and 2017-07-05.
A patch is indicated in information sources.
Brocade Virtual Traffic Manager: version 17.2.
The version 17.2 is fixed.
Debian: new linux packages.
New packages are available:
Debian 7: linux 3.2.88-1
Debian 8: linux 3.16.43-1
F5 BIG-IP: solution for Linux CVE-2017-7308.
The solution is indicated in information sources.
Fedora: new kernel packages.
New packages are available:
Fedora 24: kernel 4.10.10-100.fc24
Fedora 25: kernel 4.10.10-200.fc25
openSUSE Leap 42.1: new kernel packages.
New packages are available:
openSUSE Leap 42.1: kernel 4.1.39-56.1
openSUSE Leap 42.2: new kernel packages.
New packages are available:
openSUSE Leap 42.2: kernel 4.4.62-18.6.1
RHEL 6: new kernel packages.
New packages are available:
RHEL 6: kernel 2.6.32-754.el6
RHEL 7: new kernel packages.
New packages are available:
RHEL 7: kernel 3.10.0-514.21.1.el7
RHEL: new kernel-rt packages.
New packages are available:
RHEL 6: kernel-rt 3.10.0-514.rt56.221.el6rt
RHEL 7: kernel-rt 3.10.0-514.21.1.rt56.438.el7
SUSE LE 11 SP3: new kernel packages.
New packages are available:
SUSE LE 11 SP3: kernel 3.0.101-0.47.106.5.1
SUSE LE 11 SP4: new kernel packages.
New packages are available:
SUSE LE 11 SP4: kernel 3.0.101-100.1
SUSE LE 11 SP4: new kernel-rt packages (05/09/2017).
New packages are available:
SUSE LE 11 SP4: kernel-rt 3.0.101.rt130-69.5.1
SUSE LE 12 RTM: new kernel packages.
New packages are available:
SUSE LE 12 RTM: kernel 3.12.61-52.72.1
SUSE LE 12 SP1: new kernel packages.
New packages are available:
SUSE LE 12 SP1: kernel 3.12.74-60.64.40.1
SUSE LE 12 SP2: new kernel packages.
New packages are available:
SUSE LE 12 SP2: kernel 4.4.59-92.17.3
SUSE LE 12 SP2: new kernel-rt packages (28/07/2017).
New packages are available:
SUSE LE 12 SP2: kernel-rt 4.4.74-7.10.1
Synology DiskStation Manager, DS, RS: version 6.1.1-15101-03.
The version DSM 6.1.1-15101-03 will be fixed.
Synology also announces that version 6.1.1-15101-2 for DS/RS is fixed.
Ubuntu: new linux-image-generic packages.
New packages are available:
Ubuntu 12.04 LTS: linux-image-generic 3.2.0.126.141
Ubuntu 14.04 LTS: linux-image-generic 3.13.0.116.126
Ubuntu 16.04 LTS: linux-image-generic 4.4.0.72.78
Ubuntu 16.10: linux-image-generic 4.8.0.46.58