Solved

Linux TCP flaw lets 'anyone' hijack Internet traffic

Posted on 2016-08-11
9
76 Views
Last Modified: 2016-08-20
Someone sent me this note about a new problem with the Linux kernel. Looking around, there is lots of information about it but little which confirms when it is actually fixed.

Most articles are copies of each other and all seem to say;
>The problem exists in any operating system running Linux kernel 3.6 or newer. Linux 3.6 was introduced in 2012.
>The vulnerability allows an attacker from anywhere on the Internet to

This is rather confusing because nothing seems to say when this was patched or even if it is? For example, looking at one server, it's running 3.10 which one would assume is long patched.

Anyone know more about this?
0
Comment
Question by:projects
  • 5
  • 4
9 Comments
 
LVL 9

Expert Comment

by:Scott Silva
ID: 41753212
I would look to the creator of your distro for info on when this might be patched... For instance, RedHat is only vulnerable in Enterprise 6 and later, and since these are on support, it shouldn't take too long to fix... They say 4 and 5 are OK...

If you use a derivative, it might be a few weeks later.

Other distros should have some mention of it in their bugzilla at a minimum...

I would google CVE-2016-5696 plus your distros name for better results...
0
 

Author Comment

by:projects
ID: 41753228
Darn, I can't edit the question. I meant to include the details.

Centos7
Linux 3.10.0-327.13.1.el7.x86_64 #1 SMP Thu Mar 31 16:04:38 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
0
 
LVL 9

Expert Comment

by:Scott Silva
ID: 41753994
You can try this until the patches get out in the channel...
https://community.centminmod.com/threads/linux-tcp-flaw-cve-2016-5696-allows-hackers-to-hijack-net-traffic-inject-malware-remotely.8304/

This should keep the hackers at bay for THIS one...
0
 

Author Comment

by:projects
ID: 41754066
Yes, I know about this temporary fix but that's why I posted the question, to know if I should use it or not since it is not clear if it's been patched by now. There is mention of the problem since kernel x but no mention anywhere if it's been patched since a newer kernel version.
0
Give your grad a cloud of their own!

With up to 8TB of storage, give your favorite graduate their own personal cloud to centralize all their photos, videos and music in one safe place. They can save, sync and share all their stuff, and automatic photo backup helps free up space on their smartphone and tablet.

 
LVL 9

Accepted Solution

by:
Scott Silva earned 500 total points
ID: 41754404
The RedHat bugzilla doesn't mention a patch being released yet. They will most likely grab the upstream fixes and backport them... That can take a little time with their regression testing... Then after RedHat releases it, Centos will... You will have to watch the kernel bug fix listings to see when it finally gets fixed...
0
 

Author Comment

by:projects
ID: 41754439
Or, just keep using yum update to see a new update?
I have to assume this is not as crazy as the articles seem to imply otherwise, would it not be ultra high priority?
0
 
LVL 9

Expert Comment

by:Scott Silva
ID: 41754463
It does take a bit of specially crafted packets to trigger it... I don't think it is a script kiddy project...
0
 
LVL 9

Expert Comment

by:Scott Silva
ID: 41755502
The kernel.org team has been releasing patches to the current kernel... It shouldn't be too long until the backports get done... It seems to be a fairly straightforward patch...
1
 

Author Comment

by:projects
ID: 41763974
Thanks for the update Scott.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now