Critical Code Execution bug on Linux Silently Fixed - Root Level

Another critical security bug on Linux kernel has been patched, which allows attackers to remotely control on the servers, PC's, IOT devices, Android and many more.

A high severity security bug dubbed as CVE-2016-10229 exposes machines and gizmos to attacks via UDP network traffic.

Any software receiving data using the system call recv() with the MSG_PEEK flag set on a vulnerable kernel opens up the box to potential hijacking. The hacker would have to craft packets to trigger a second checksum operation on the incoming information, which can lead to the execution of malicious code within the kernel, effectively as root.

There is a good news that, there is no evidence of exploitation of the bug in wild. But Programs from the Nginx web server and wget to the Mirai botnet code and various others set the MSG_PEEK flag on some connections, leaving the underlying machine open to attack if the kernel is vulnerable.

The issue was discovered by Google’s Eric Dumazet, and quietly dealt with at the end of 2015 with a small fix applied to the open-source kernel. Linux distros, such as Ubuntu and Debian, were distributing fixed builds of the kernel by February this year.

Eric had already applied a short fixed on open source Linux kernel. But Google had released the patch this year for Android. Vendor like Samsung, LG had also issued a patch for it's devices​.

This remote kernel-level code execution vulnerability in Linux, which sounds like the worst of the very worst, but it is pretty much patched by now. 😀

Now just update your kernel to get it fixed from this worst situation.
Read Also
Post a Comment