[LEDE-DEV] CVE-2016-10229 Remote code execution vulnerability in kernel networking subsystem

Hauke Mehrtens hauke at hauke-m.de
Sun Apr 16 05:11:36 PDT 2017

On 04/16/2017 01:41 PM, yanosz wrote:
> Hello,
> CVE-2016-10229 was patched in android recently. While some distributions
> (ie Debian: https://security-tracker.debian.org/tracker/CVE-2016-10229)
> are not vulnerable due to having backported parts of the kernel code
> before, I wonder about the status in Lede (and OpenWRT).
> There are some rumors, that MSG_PEEK might be used in dnsmasq, but I
> don't know any details here.
> What's the current status in lede?

This was fixed in the following upstream Linux kernel versions:
v4.5-rc1	197c949e7798fbf28cfadc69d9ca0c2abbf93191
v4.4.21		dfe2042d96065f044a794f684e9f7976a4ca6e24
v3.18.45	69335972b1c1c9bd7597fc6080b6eb1bd3fbf774
v3.10.103	98f57e42cab062608cf3dce2b8eecbb2a0780ac4

LEDE 17.01 (kernel 4.4.50) was never affected by this problem.
OpenWrt 15.05.1 (kernel 3.18.23) is affected by this problem, this was
fixed in December 2016 in the OpenWrt CC branch by updating to version
kernel version 3.18.45.

I only checked which kernel version have the fix, which Debian linked, I
have *not* checked if OpenWrt or LEDE are really exploitable. I also
read that dnsmasq uses the problematic functionality, but I haven't
verified it.


More information about the Lede-dev mailing list