Is my Red Hat product affected by kernel CVE-2016-10229?


Environment

  • Red Hat Enterprise Linux (releases 5, 6, and 7)
  • Red Hat Enterprise MRG 2
  • realtime kernel

Issue

  • Is my Red Hat system affected by the kernel issue reported on April 4, 2017?
  • Is my kernel susceptible to the new "UDP" attack?
  • What is CVE-2016-10229, and does it affect my RHEL server?

Resolution

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, and 7, Red Hat Enterprise MRG 2, and realtime kernels, because the code that introduced the flaw is not present in these products. Code cannot be remotely executed using this exploit on Red Hat Enterprise Linux systems.

Root Cause

A flaw was found in the Linux kernel which allows remote attackers to crash the system or corrupt kernel memory, possibly leading to arbitrary code execution, via UDP traffic that triggers an unsafe second checksum calculation during the execution of a recv system call with the MSG_PEEK flag.
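
The call pattern named above, recv with the MSG_PEEK flag on a UDP socket, shown as an added example that is not part of the original Red Hat article: a peek returns the datagram but leaves it queued, so the next recv returns the same datagram again. The function and struct names are illustrative, the payload is constructed, and all traffic stays on loopback.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

struct peek_result {
    ssize_t peeked;    /* bytes returned by recv(..., MSG_PEEK) */
    ssize_t consumed;  /* bytes returned by the following plain recv() */
    int same_payload;  /* 1 if both calls returned identical bytes */
    int queue_empty;   /* 1 if a third, non-blocking recv() found nothing */
};

/* Loopback only: send one constructed datagram, read it twice. 0 on success, -1 on error. */
int peek_then_read(const char *msg, struct peek_result *out)
{
    char a[256] = {0}, b[256] = {0}, c[8];
    struct sockaddr_in addr = {0};
    socklen_t alen = sizeof(addr);
    int rc = -1;
    int rx = socket(AF_INET, SOCK_DGRAM, 0), tx = socket(AF_INET, SOCK_DGRAM, 0);
    if (rx < 0 || tx < 0) goto done;
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);  /* port 0: kernel picks one */
    if (bind(rx, (struct sockaddr *)&addr, sizeof(addr)) < 0 ||
        getsockname(rx, (struct sockaddr *)&addr, &alen) < 0 ||
        sendto(tx, msg, strlen(msg), 0, (struct sockaddr *)&addr, sizeof(addr)) < 0)
        goto done;
    out->peeked = recv(rx, a, sizeof(a), MSG_PEEK);  /* datagram stays queued */
    out->consumed = recv(rx, b, sizeof(b), 0);       /* same datagram, now dequeued */
    if (out->peeked < 0 || out->consumed < 0) goto done;
    out->same_payload = out->peeked == out->consumed &&
                        memcmp(a, b, (size_t)out->peeked) == 0;
    out->queue_empty = recv(rx, c, sizeof(c), MSG_DONTWAIT) < 0 &&
                       (errno == EAGAIN || errno == EWOULDBLOCK);
    rc = 0;
done:
    if (rx >= 0) close(rx);
    if (tx >= 0) close(tx);
    return rc;
}

int main(void)
{
    struct peek_result r;
    if (peek_then_read("constructed test datagram", &r) != 0) return 1;
    printf("peeked=%zd consumed=%zd same=%d empty=%d\n", r.peeked, r.consumed, r.same_payload, r.queue_empty);
    return 0;
}
```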
