Kernel Vulnerable?

Gordon Cooper
Posts: 965
Joined: Mon Nov 21, 2011 5:50 pm

Kernel Vulnerable?

#1 Post by Gordon Cooper »

This appeared on the local LUG forum with the comment that it affects other Linux versions too.

https://www.suse.com/de-de/support/kb/doc/?id=7023928
Backup: Dell9010, MX-19_B2, Win7, 120 SSD, WD 232GIB HD, 4GB RAM
Primary :Homebrew64 bit Intel duo core 2 GB RAM, 120 GB Kingston SSD, Seagate1TB.
MX-18.2 64bit. Also MX17, Kubuntu14.04 & Puppy 6.3.

colin_b
Posts: 452
Joined: Sun Mar 19, 2017 7:21 pm

Re: Kernel Vulnerable?

#2 Post by colin_b »

https://www.bleepingcomputer.com/news/s ... y-netflix/
The SACK Panic vulnerability (Debian, Red Hat, Ubuntu, Suse, AWS) impacts Linux kernels 2.6.29 and later, and it can be exploited by "sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS" which will trigger an integer overflow.

To fix the issue, "Apply the patch PATCH_net_1_4.patch. Additionally, versions of the Linux kernel up to, and including, 4.14 require a second patch PATCH_net_1a.patch," says Netflix Information Security's advisory.

To mitigate the issue, users and administrators can completely disable SACK processing on the system (by setting /proc/sys/net/ipv4/tcp_sack to 0) or block connections with a low MSS using the filters provided by Netflix Information Security HERE — the second mitigation measure will only be effective when TCP probing is also disabled.
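
A read-only check of the mitigation state described in the advisory text quoted in post #2, as an added example that is not part of the original thread or of the Netflix advisory. It assumes "TCP probing" refers to the `net.ipv4.tcp_mtu_probing` sysctl; the function names and state labels are made up for illustration, and a kernel inside the named version range may already carry a backported fix.

```shell
#!/bin/sh
# Added example: report SACK Panic mitigation state from sysctl values.
# Assumption: "TCP probing" in the quoted text is net.ipv4.tcp_mtu_probing.

# version_ge A B -> exit 0 if dotted kernel version A >= B (first 3 fields).
version_ge() {
    a="${1%%-*}.0.0"; b="${2%%-*}.0.0"      # drop "-8-amd64" style suffixes
    for i in 1 2 3; do
        x=$(printf '%s\n' "$a" | cut -d. -f"$i"); x=${x%%[!0-9]*}
        y=$(printf '%s\n' "$b" | cut -d. -f"$i"); y=${y%%[!0-9]*}
        if [ "${x:-0}" -gt "${y:-0}" ]; then return 0; fi
        if [ "${x:-0}" -lt "${y:-0}" ]; then return 1; fi
    done
    return 0
}

# sack_mitigation_state [SYSCTL_DIR] -> prints one of:
#   sack_disabled           tcp_sack=0, SACK processing is off
#   mss_filter_usable       SACK on, MTU probing off: a low-MSS filter can help
#   mss_filter_ineffective  SACK on, MTU probing on: a low-MSS filter is not enough
#   unknown                 sysctl files not readable
sack_mitigation_state() {
    dir=${1:-/proc/sys/net/ipv4}
    if [ ! -r "$dir/tcp_sack" ] || [ ! -r "$dir/tcp_mtu_probing" ]; then
        echo unknown; return 0
    fi
    sack=$(cat "$dir/tcp_sack")
    probing=$(cat "$dir/tcp_mtu_probing")
    if [ "$sack" = 0 ]; then echo sack_disabled
    elif [ "$probing" = 0 ]; then echo mss_filter_usable
    else echo mss_filter_ineffective
    fi
}

# report [KERNEL_VERSION] [SYSCTL_DIR] -> one summary line for this host.
# "in_range" only means 2.6.29 or later; it does not prove the kernel is unpatched.
report() {
    kver=${1:-$(uname -r)}
    if version_ge "$kver" 2.6.29; then range=in_range; else range=below_range; fi
    echo "kernel=$kver range=$range state=$(sack_mitigation_state "$2")"
}

report
```
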

timkb4cq
Developer
Posts: 3186
Joined: Wed Jul 12, 2006 4:05 pm

Re: Kernel Vulnerable?

#3 Post by timkb4cq »

The Debian 4.9 kernel has already been patched. So far the 4.19 has not been. I'm pretty sure that will happen soon & Stevo will build it for the repos.

At least it's not a "run random code" bug, it can just slow down or crash a system.
HP Pavillion TP01, AMD Ryzen 3 5300G (quad core), Crucial 500GB SSD, Toshiba 6TB 7200rpm
Dell Inspiron 15, AMD Ryzen 7 2700u (quad core). Sabrent 500GB nvme, Seagate 1TB

Stevo
Developer
Posts: 12774
Joined: Fri Dec 15, 2006 8:07 pm

Re: Kernel Vulnerable?

#4 Post by Stevo »

All four Netflix patches applied cleanly to the MX 4.19.37 kernel to take care of the severe and the two moderate CVEs that Netflix disclosed, so they are rebuilding now.

Gordon Cooper
Posts: 965
Joined: Mon Nov 21, 2011 5:50 pm

Re: Kernel Vulnerable?

#5 Post by Gordon Cooper »

Thank you.