“GRO packet of death” vulnerability found in the Linux kernel

The vulnerability CVE-2019-11683 has been discovered in the Linux kernel.

It allows a remote attacker to cause a denial of service by sending specially crafted UDP packets (a packet of death).

The problem lies in an error in the udp_gro_receive_segment handler (net/ipv4/udp_offload.c), part of the implementation of GRO (Generic Receive Offload), and can lead to corruption of kernel memory regions while processing UDP packets with zero padding (empty payload).

“Improper handling of padded packets, aka the “GRO packet of death” issue found in Linux kernel”, researchers reported on the seclists.org forum.

The problem affects only the 5.0 kernel, because GRO support for UDP sockets was implemented in November 2018 and made it only into the latest stable kernel release. GRO speeds up the processing of large numbers of incoming packets by aggregating them into larger blocks, so that each packet does not have to be processed individually.

The problem does not arise for TCP, because aggregation of packets without payload is not supported for that protocol.
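The article ties the bug to padded UDP packets with an empty payload reaching the GRO aggregation path. As an added illustration (not the kernel's code or its patch), the C function below shows the kind of length-consistency check a receive-aggregation path can make before merging a datagram; the function, the verdict names and the sample buffers are hypothetical and constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define UDP_HDR_LEN 8u

/* Verdict names are hypothetical, chosen for this illustration. */
enum gro_verdict { GRO_AGGREGATE, GRO_FLUSH_EMPTY, GRO_FLUSH_PADDED, GRO_DROP_MALFORMED };

/* Constructed samples: UDP header (src 12345, dst 53, checksum 0) plus zeros.
 * 26 bytes is what follows the IPv4 header in a 60-byte minimum Ethernet frame. */
static const uint8_t sample_empty[26]   = { 0x30, 0x39, 0x00, 0x35, 0x00, 0x08, 0x00, 0x00 };
static const uint8_t sample_payload[26] = { 0x30, 0x39, 0x00, 0x35, 0x00, 0x0c, 0x00, 0x00,
                                            'p', 'i', 'n', 'g' };

/* Decide whether one received UDP datagram may be merged with others.
 * buf points at the UDP header; avail is the number of bytes the lower layer
 * delivered from there on (header + payload + any trailing padding). */
enum gro_verdict udp_segment_check(const uint8_t *buf, size_t avail)
{
    if (buf == NULL || avail < UDP_HDR_LEN)
        return GRO_DROP_MALFORMED;      /* header itself is truncated */

    /* Length field: bytes 4-5, network byte order, counts header + payload. */
    size_t ulen = ((size_t)buf[4] << 8) | buf[5];

    if (ulen < UDP_HDR_LEN || ulen > avail)
        return GRO_DROP_MALFORMED;      /* shorter than a header, or longer than received */
    if (ulen == UDP_HDR_LEN)
        return GRO_FLUSH_EMPTY;         /* empty payload: nothing to aggregate */
    if (ulen != avail)
        return GRO_FLUSH_PADDED;        /* padding: received size is not the datagram size */
    return GRO_AGGREGATE;
}

int main(void)
{
    printf("empty+padded: %d\n", udp_segment_check(sample_empty, sizeof sample_empty));
    printf("payload, exact: %d\n", udp_segment_check(sample_payload, 12));
    printf("payload, padded: %d\n", udp_segment_check(sample_payload, sizeof sample_payload));
    return 0;
}
```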

The vulnerability has been fixed in the form of a patch; a corrective update has not been published yet. Among distributions, the 5.0 kernel has made its way into Fedora 30, Ubuntu 19.04, Arch Linux, Gentoo and other continuously updated distributions.

The problem does not affect Debian, Ubuntu 18.10 and earlier releases, RHEL/CentOS and SUSE/openSUSE.

The problem was discovered using syzbot, an automated fuzz-testing system created by Google, together with the KASAN (KernelAddressSanitizer) analyzer, which is designed to detect memory-handling errors and incorrect memory accesses, such as accesses to freed memory areas and placing code in memory areas that are not intended for such manipulations.

Source: https://seclists.org
