[LEDE-DEV] CVE-2016-10229 Remote code execution vulnerability in kernel networking subsystem
Hauke Mehrtens
hauke at hauke-m.de
Sun Apr 16 05:11:36 PDT 2017
On 04/16/2017 01:41 PM, yanosz wrote:
> Hello,
>
> CVE-2016-10229 was patched in android recently. While some distributions
> (ie Debian: https://security-tracker.debian.org/tracker/CVE-2016-10229)
> are not vulnerable due to having backported parts of the kernel code
> before, I wonder about the status in Lede (and OpenWRT).
>
> There are some rumors, that MSG_PEEK might be used in dnsmasq, but I
> don't know any details here.
>
> What's the current status in lede?
This was fixed in the following upstream Linux kernel versions:
v4.5-rc1 197c949e7798fbf28cfadc69d9ca0c2abbf93191
v4.4.21 dfe2042d96065f044a794f684e9f7976a4ca6e24
v3.18.45 69335972b1c1c9bd7597fc6080b6eb1bd3fbf774
v3.10.103 98f57e42cab062608cf3dce2b8eecbb2a0780ac4
LEDE 17.01 (kernel 4.4.50) was never affected by this problem.
OpenWrt 15.05.1 (kernel 3.18.23) is affected by this problem, this was
fixed in December 2016 in the OpenWrt CC branch by updating to version
kernel version 3.18.45.
I only checked which kernel version have the fix, which Debian linked, I
have *not* checked if OpenWrt or LEDE are really exploitable. I also
read that dnsmasq uses the problematic functionality, but I haven't
verified it.
Hauke
More information about the Lede-dev
mailing list