The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Linux kernel: use after free via IPV6_RECVPKTINFO

Synthesis of the vulnerability 

An attacker can force the usage of a freed memory area via IPV6_RECVPKTINFO on the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Vulnerable products: Debian, BIG-IP Hardware, TMOS, Fedora, Android OS, Linux, openSUSE Leap, Oracle Communications, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity of this weakness: 2/4.
Creation date: 20/02/2017.
Références of this bulletin: CERTFR-2017-AVI-058, CERTFR-2017-AVI-141, CERTFR-2017-AVI-162, CERTFR-2017-AVI-282, CERTFR-2017-AVI-311, cpujul2018, CVE-2017-6074, DLA-833-1, DSA-3791-1, FEDORA-2017-4b9f61c68d, FEDORA-2017-f519ebb3c4, K82508682, openSUSE-SU-2017:0541-1, openSUSE-SU-2017:0547-1, RHSA-2017:0293-01, RHSA-2017:0294-01, RHSA-2017:0295-01, RHSA-2017:0316-01, RHSA-2017:0323-01, RHSA-2017:0324-01, RHSA-2017:0345-01, RHSA-2017:0346-01, RHSA-2017:0347-01, RHSA-2017:0365-01, RHSA-2017:0366-01, RHSA-2017:0403-01, RHSA-2017:0501-01, SUSE-SU-2017:1183-1, SUSE-SU-2017:1247-1, SUSE-SU-2017:1301-1, SUSE-SU-2017:1360-1, SUSE-SU-2017:1990-1, SUSE-SU-2017:2342-1, SUSE-SU-2017:2525-1, USN-3206-1, USN-3207-1, USN-3207-2, USN-3208-1, USN-3208-2, USN-3209-1, VIGILANCE-VUL-21900.

Description of the vulnerability 

An attacker can force the usage of a freed memory area via IPV6_RECVPKTINFO on the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This computer threat impacts software or systems such as Debian, BIG-IP Hardware, TMOS, Fedora, Android OS, Linux, openSUSE Leap, Oracle Communications, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.

Our Vigil@nce team determined that the severity of this computer vulnerability alert is medium.

The trust level is of type confirmed by the editor, with an origin of user shell.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a technician ability can exploit this cybersecurity weakness.

Solutions for this threat 

Linux kernel: version 4.9.13.
The version 4.9.13 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v4.x/

Linux kernel: version 4.4.52.
The version 4.4.52 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v4.x/

Linux kernel: version 4.1.41.
The version 4.1.41 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.1.41.tar.xz

Linux kernel: version 3.18.49.
The version 3.18.49 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v3.x/

Linux kernel: version 3.16.41.
The version 3.16.41 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v3.x/

Linux kernel: version 3.12.71.
The version 3.12.71 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v3.x/

Linux kernel: version 3.10.106.
The version 3.10.106 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v3.x/linux-3.10.106.tar.xz

Linux kernel: version 3.2.86.
The version 3.2.86 is fixed:
  https://cdn.kernel.org/pub/linux/kernel/v3.x/

Linux kernel: patch for IPV6_RECVPKTINFO.
A patch is indicated in information sources.

Android OS: patches 2017-07-01 and 2017-07-05.
A patch is indicated in information sources.

Debian 7: new linux packages.
New packages are available:
  Debian 7: linux 3.2.84-2

Debian 8: new linux packages.
New packages are available:
  Debian 8: linux 3.16.39-1+deb8u1

F5 BIG-IP: solution for Linux.
The solution is indicated in information sources.

Fedora: new kernel packages.
New packages are available:
  Fedora 24: kernel 4.9.12-100.fc24
  Fedora 25: kernel 4.9.12-200.fc25

openSUSE Leap: new kernel packages.
New packages are available:
  openSUSE Leap 42.1: kernel 4.1.38-50.1
  openSUSE Leap 42.2: kernel 4.4.49-16.1

Oracle Communications: CPU of July 2018.
A Critical Patch Update is available:
  https://support.oracle.com/rs?type=doc&id=2410237.1
  https://support.oracle.com/rs?type=doc&id=2406191.1
  https://support.oracle.com/rs?type=doc&id=2410234.1
  https://support.oracle.com/rs?type=doc&id=2408211.1
  https://support.oracle.com/rs?type=doc&id=2406689.1
  https://support.oracle.com/rs?type=doc&id=2408212.1
  https://support.oracle.com/rs?type=doc&id=2410243.1
  https://support.oracle.com/rs?type=doc&id=2410198.1

RHEL 5: new kernel packages.
New packages are available:
  RHEL 5: kernel 2.6.18-419.el5

RHEL 6.2: new kernel packages.
New packages are available:
  RHEL 6: kernel 2.6.32-220.70.1.el6

RHEL 6.5: new kernel packages.
New packages are available:
  RHEL 6: kernel 2.6.32-431.78.1.el6

RHEL 6.6: new kernel packages.
New packages are available:
  RHEL 6: kernel 2.6.32-504.57.1.el6

RHEL 6.7: new kernel packages.
New packages are available:
  RHEL 6: kernel 2.6.32-573.40.1.el6

RHEL 6: new kernel packages.
New packages are available:
  RHEL 6: kernel 2.6.32-642.13.2.el6

RHEL 7.1: new kernel packages.
New packages are available:
  RHEL 7: kernel 3.10.0-229.49.1.el7

RHEL 7.2: new kernel packages.
New packages are available:
  RHEL 7: kernel 3.10.0-327.49.2.el7

RHEL 7: new kernel packages.
New packages are available:
  RHEL 7: kernel 3.10.0-514.6.2.el7

RHEL 7: new kernel-rt packages.
New packages are available:
  RHEL 7: kernel-rt 3.10.0-514.6.1.rt56.430.el7

RHLE 5.6: new kernel packages.
New packages are available:
  RHEL 5: kernel 2.6.18-238.58.1.el5

RHLE 5.9: new kernel packages.
New packages are available:
  RHEL 5: kernel 2.6.18-348.33.1.el5

RHLE 6.4: new kernel packages.
New packages are available:
  RHEL 6: kernel 2.6.32-358.77.1.el6

SUSE LE 11 SP3: new kernel packages.
New packages are available:
  SUSE LE 11 SP3: kernel 3.0.101-0.47.106.5.1

SUSE LE 11 SP4: new kernel packages.
New packages are available:
  SUSE LE 11 SP4: kernel 3.0.101-100.1

SUSE LE 11 SP4: new kernel-rt packages (05/09/2017).
New packages are available:
  SUSE LE 11 SP4: kernel-rt 3.0.101.rt130-69.5.1

SUSE LE 12 RTM: new kernel packages.
New packages are available:
  SUSE LE 12 RTM: kernel 3.12.61-52.72.1

SUSE LE 12 SP1: new kernel packages.
New packages are available:
  SUSE LE 12 SP1: kernel 3.12.74-60.64.40.1

SUSE LE 12 SP2: new kernel packages.
New packages are available:
  SUSE LE 12 SP2: kernel 4.4.59-92.17.3

SUSE LE 12 SP2: new kernel-rt packages (28/07/2017).
New packages are available:
  SUSE LE 12 SP2: kernel-rt 4.4.74-7.10.1

Ubuntu 12.04: new linux-image-3.2.0 packages.
New packages are available:
  Ubuntu 12.04 LTS: linux-image-3.2.0 3.2.0-123.166

Ubuntu 16.10: new linux-image-4.8.0 packages.
New packages are available:
  Ubuntu 16.10: linux-image-4.8.0 4.8.0-39.42

Ubuntu: new linux-image-3.13.0 packages.
New packages are available:
  Ubuntu 12.04 LTS: linux-image-3.13.0 3.13.0-110.157~precise1
  Ubuntu 14.04 LTS: linux-image-3.13.0 3.13.0-110.157

Ubuntu: new linux-image-4.4.0 packages.
New packages are available:
  Ubuntu 14.04 LTS: linux-image-4.4.0 4.4.0-64.85~14.04.1
  Ubuntu 16.04 LTS: linux-image-4.4.0 4.4.0-1048.52
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a system vulnerability watch. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.