Fixed
Created: Jun 29, 2016
Updated: Dec 3, 2018
Resolved Date: Jul 11, 2016
Found In Version: 6.0.0.29
Fix Version: 6.0.0.37
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Kernel
The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3707
