【安全預警】CVE-2017-7645:Linux 內核遠程拒絕服務漏洞
責編:mhshi |2017-07-10 10:12:47作者:ADLab
Introduce
繼Linux內核遠程漏洞”Phoenix Talon”之后,Linux內核再爆近乎影響所有版本的DoS漏洞CVE-2017-7645(CNVD-2017-06843、CNNVD-201704-447),此次頗有”Phoenix Talon”聲振屋瓦之勢。
Description
NFS 2/3客戶端可以發送一個長參數給NFS服務,其參數被編碼后存儲在一個內存頁的數組里,并且可以使用指針變量訪問到。任意長的參數可以使這些指針指向數組之外,并導致內存越界訪問,遠程攻擊者可以使系統內核崩潰。
Affected
受影響發行版:
Ubuntu Ubuntu Linux 17.04
Ubuntu Ubuntu Linux 16.04 LTS
Redhat MRG Realtime for RHEL 6 Server 2
Oracle Enterprise Linux 7
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 7
受影響內核:
Solution
1. 升級內核打補丁(參考8、9、10的鏈接)
2. 使用 Grsecurity/PaX 對內核加固
Reference
1.? http://seclists.org/oss-sec/2017/q2/195
2. https://nvd.nist.gov/vuln/detail/CVE-2017-7645#vulnDescriptionTitle
3. http://www.securityfocus.com/bid/97950/info
4. https://www.suse.com/security/cve/CVE-2017-7645/
5. https://access.redhat.com/security/cve/cve-2017-7645
6. https://security-tracker.debian.org/tracker/CVE-2017-7645
7. https://people.canonical.com/~ubuntu-security/cve/2017/CVE-5.2017-7645.html
8. https://github.com/torvalds/linux/commit/e6838a29ecb484c97e4efef9429643b9851fba6e
9. https://github.com/torvalds/linux/commit/db44bac41bbfc0c0d9dd943092d8bded3c9db19b
10. https://github.com/torvalds/linux/commit/13bf9fbff0e5e099e2b6f003a0ab8ae145436309