Wind River Support Network

HomeDefectsLIN7-6456
Fixed

LIN7-6456 : Security Advisory - linux - CVE-2016-3707

Created: Jun 29, 2016    Updated: Sep 8, 2018
Resolved Date: Jul 11, 2016
Found In Version: 7.0.0.16
Fix Version: 7.0.0.18
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Kernel

Description

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3707

Other Downloads


CVEs


Live chat
Online