Wind River Support Network

HomeDefectsLIN5-21700
Fixed

LIN5-21700 : Security Advisory - linux - CVE-2016-3707

Created: Jun 29, 2016    Updated: May 29, 2018
Resolved Date: Jul 15, 2016
Found In Version: 5.0.1.36
Fix Version: 5.0.1.37
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Kernel

Description

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3707

Other Downloads


Live chat
Online