Solved

Linux TCP flaw lets 'anyone' hijack Internet traffic

Posted on 2016-08-11
9
79 Views
Last Modified: 2016-08-20
Someone sent me this note about a new problem with the Linux kernel. Looking around, there is lots of information about it but little which confirms when it is actually fixed.

Most articles are copies of each other and all seem to say;
>The problem exists in any operating system running Linux kernel 3.6 or newer. Linux 3.6 was introduced in 2012.
>The vulnerability allows an attacker from anywhere on the Internet to

This is rather confusing because nothing seems to say when this was patched or even if it is? For example, looking at one server, it's running 3.10 which one would assume is long patched.

Anyone know more about this?
0
Comment
Question by:projects
  • 5
  • 4
9 Comments
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41753212
I would look to the creator of your distro for info on when this might be patched... For instance, RedHat is only vulnerable in Enterprise 6 and later, and since these are on support, it shouldn't take too long to fix... They say 4 and 5 are OK...

If you use a derivative, it might be a few weeks later.

Other distros should have some mention of it in their bugzilla at a minimum...

I would google CVE-2016-5696 plus your distros name for better results...
0
 

Author Comment

by:projects
ID: 41753228
Darn, I can't edit the question. I meant to include the details.

Centos7
Linux 3.10.0-327.13.1.el7.x86_64 #1 SMP Thu Mar 31 16:04:38 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41753994
You can try this until the patches get out in the channel...
https://community.centminmod.com/threads/linux-tcp-flaw-cve-2016-5696-allows-hackers-to-hijack-net-traffic-inject-malware-remotely.8304/

This should keep the hackers at bay for THIS one...
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:projects
ID: 41754066
Yes, I know about this temporary fix but that's why I posted the question, to know if I should use it or not since it is not clear if it's been patched by now. There is mention of the problem since kernel x but no mention anywhere if it's been patched since a newer kernel version.
0
 
LVL 10

Accepted Solution

by:
Scott Silva earned 500 total points
ID: 41754404
The RedHat bugzilla doesn't mention a patch being released yet. They will most likely grab the upstream fixes and backport them... That can take a little time with their regression testing... Then after RedHat releases it, Centos will... You will have to watch the kernel bug fix listings to see when it finally gets fixed...
0
 

Author Comment

by:projects
ID: 41754439
Or, just keep using yum update to see a new update?
I have to assume this is not as crazy as the articles seem to imply otherwise, would it not be ultra high priority?
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41754463
It does take a bit of specially crafted packets to trigger it... I don't think it is a script kiddy project...
0
 
LVL 10

Expert Comment

by:Scott Silva
ID: 41755502
The kernel.org team has been releasing patches to the current kernel... It shouldn't be too long until the backports get done... It seems to be a fairly straightforward patch...
1
 

Author Comment

by:projects
ID: 41763974
Thanks for the update Scott.
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Guacamole and browser performance 1 81
Why VNC doesn't work in Redhat? 11 60
Recommendations for Web-Based Multi-User File Manager / FTP software? 4 90
number in printf 13 27
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now