• This forum has a zero tolerance policy regarding spam. If you register here to publish advertising, your user account will be deleted without further questions.

Updated iproute packages fix local security vulnerability

A

Admin

Guest
Updated iproute packages that close a locally-exploitable denial of service
vulnerability are now available.

Description
The iproute package contains advanced IP routing and network device
configuration tools.

Herbert Xu reported that iproute can accept spoofed messages sent on the
kernel netlink interface by other users on the local machine. This could
lead to a local denial of service attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2003-0856 to
this issue.

Users of iproute should upgrade to these erratum packages, which contain a
patch that checks that netlink messages actually came from the kernel.
 
Back
Top