Описание
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.
A stack overflow flaw was found in the Linux kernel’s TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.
Отчет
Red Hat recommends to use TIPC Encryption to secure TIPC procotol's payload or use transport level to separate and/or secure (by both encrypting and authenticating via eg. IPSec/MACSec) the communication between nodes.
Меры по смягчению последствий
The TIPC module will NOT be automatically loaded. When required, administrative action is needed to explicitly load this module. Loading the module can be prevented with the following instructions:
echo "install tipc /bin/true" >> /etc/modprobe.d/disable-tipc.conf
The system will need to be restarted if the tipc module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use. If the system requires this module to work correctly, this mitigation may not be suitable.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2022:0819 | 10.03.2022 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2022:0825 | 10.03.2022 |
| Red Hat Enterprise Linux 8 | kpatch-patch | Fixed | RHSA-2022:0849 | 14.03.2022 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | kernel | Fixed | RHSA-2022:1589 | 26.04.2022 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | kpatch-patch | Fixed | RHSA-2022:1619 | 27.04.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.1 High
CVSS3
Связанные уязвимости
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.
A stack overflow flaw was found in the Linux kernel's TIPC protocol fu ...
Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP3)
EPSS
7.1 High
CVSS3