Solved

Linux TCP flaw lets 'anyone' hijack Internet traffic

Posted on 2016-08-11
Last Modified: 2016-08-20
Someone sent me this note about a new problem with the Linux kernel. Looking around, there is lots of information about it but little which confirms when it is actually fixed.

Most articles are copies of each other and all seem to say:
>The problem exists in any operating system running Linux kernel 3.6 or newer. Linux 3.6 was introduced in 2012.
>The vulnerability allows an attacker from anywhere on the Internet to

This is rather confusing because nothing seems to say when this was patched or even if it is? For example, looking at one server, it's running 3.10 which one would assume is long patched.

Anyone know more about this?
Question by:projects
9 Comments
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41753212
I would look to the creator of your distro for info on when this might be patched... For instance, RedHat is only vulnerable in Enterprise 6 and later, and since these are on support, it shouldn't take too long to fix... They say 4 and 5 are OK...

If you use a derivative, it might be a few weeks later.

Other distros should have some mention of it in their bugzilla at a minimum...

I would google CVE-2016-5696 plus your distro's name for better results...
 

Author Comment

by:projects
ID: 41753228
Darn, I can't edit the question. I meant to include the details.

Centos7
Linux 3.10.0-327.13.1.el7.x86_64 #1 SMP Thu Mar 31 16:04:38 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41753994
You can try this until the patches get out in the channel...
https://community.centminmod.com/threads/linux-tcp-flaw-cve-2016-5696-allows-hackers-to-hijack-net-traffic-inject-malware-remotely.8304/

This should keep the hackers at bay for THIS one...

Author Comment

by:projects
ID: 41754066
Yes, I know about this temporary fix but that's why I posted the question, to know if I should use it or not since it is not clear if it's been patched by now. There is mention of the problem since kernel x but no mention anywhere if it's been patched since a newer kernel version.
 
LVL 10

Accepted Solution

by:
Scott Silva earned 500 total points
ID: 41754404
The RedHat bugzilla doesn't mention a patch being released yet. They will most likely grab the upstream fixes and backport them... That can take a little time with their regression testing... Then after RedHat releases it, Centos will... You will have to watch the kernel bug fix listings to see when it finally gets fixed...
 

Author Comment

by:projects
ID: 41754439
Or, just keep using yum update to see a new update?
I have to assume this is not as crazy as the articles seem to imply; otherwise, would it not be ultra high priority?
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41754463
It does take a bit of specially crafted packets to trigger it... I don't think it is a script kiddie project...
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41755502
The kernel.org team has been releasing patches to the current kernel... It shouldn't be too long until the backports get done... It seems to be a fairly straightforward patch...
 

Author Comment

by:projects
ID: 41763974
Thanks for the update Scott.
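One way to check the patch status asked about in this thread on an RPM-based host such as the CentOS 7 machine above, as an added example that is not part of any participant's post. It assumes the vendor cites CVE ids in the kernel package changelog; the function names and the sample changelog lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: does an RPM kernel changelog record a fix for a given CVE?
CVE_ID="CVE-2016-5696"

# Reads changelog text on stdin; prints "fixed" if an entry cites the CVE id
# as a whole word, otherwise "no-fix-recorded".
fix_status() {
    if grep -qwF -- "$1"; then echo fixed; else echo no-fix-recorded; fi
}

# An update that is installed but not booted does not protect the host, so the
# running kernel and the most recently installed kernel are judged together.
verdict() {   # $1 = status of running kernel, $2 = status of newest install
    if [ "$1" = fixed ]; then echo patched
    elif [ "$2" = fixed ]; then echo reboot-required
    else echo update-pending
    fi
}

# Constructed changelog excerpts (not real package data).
sample_old() {
    printf '%s\n' '* Thu Jan 01 2015 Builder <b@example.test> [0.0.0-1.example]' \
        '- [net] tcp: unrelated cleanup (A. Dev) [0000001]'
}
sample_new() {
    printf '%s\n' '* Fri Jan 02 2015 Builder <b@example.test> [0.0.0-2.example]' \
        '- [net] tcp: challenge ACK fix (A. Dev) [0000002] {CVE-2016-5696}'
    sample_old
}

if command -v rpm >/dev/null 2>&1 && rpm -q kernel >/dev/null 2>&1; then
    running="kernel-$(uname -r)"
    newest=$(rpm -q --last kernel | head -n 1 | awk '{print $1}')
    r=$(rpm -q --changelog "$running" 2>/dev/null | fix_status "$CVE_ID")
    n=$(rpm -q --changelog "$newest" 2>/dev/null | fix_status "$CVE_ID")
    echo "running $running: $r"
    echo "newest  $newest: $n"
else
    # No RPM kernel package here: fall back to the constructed samples.
    r=$(sample_old | fix_status "$CVE_ID")
    n=$(sample_new | fix_status "$CVE_ID")
fi
echo "$CVE_ID verdict: $(verdict "$r" "$n")"
```

A "no-fix-recorded" result only means the changelog does not cite the CVE; the distribution's advisory for the CVE remains the authoritative source.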
