Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security Linux

Severe Linux Kernel Flaw Found In RDS (sophos.com) 90

jwhyche (Slashdot reader #6,192) shared this article from Sophos: Linux systems running kernels prior to 5.0.8 require patching after news emerged of a high-severity flaw that could be remotely exploited.

According to the NIST advisory, CVE-2019-1181 is a race condition affecting the kernel's rds_tcp_kill_sock in net/rds/tcp.c "leading to a use-after-free, related to net namespace cleanup." The RDS bit refers to systems running the Reliable Datagram Sockets (RDS) for the TCP module, which means only systems that run applications using this are affected.

The attention-grabbing part is that this opens unpatched systems to remote compromise and denial of service without the need for system privileges or user interaction. On the other hand, the attack complexity is described as 'high', and any such attack would need to be launched from the local network.

This discussion has been archived. No new comments can be posted.

Severe Linux Kernel Flaw Found In RDS

Comments Filter:
  • Just patch as needed. If you do not use RDS (which will be most cases), no need to do anything urgently.

    • by markdavis ( 642305 ) on Saturday May 18, 2019 @05:33PM (#58615504)

      >"Just patch as needed. If you do not use RDS (which will be most cases), no need to do anything urgently."

      And even then, it is a local-only exploit that also requires a great deal of effort. Not sure I would call it a "severe flaw". Article:

      " any such attack would need to be launched from the local network. That explains why itâ(TM)s been given a CVSS 3.0 impact score of 5.9 with an exploitability score of only 2.2."

      " I havenâ(TM)t yet seen evidence to support allegations that this is remotely exploitable."

      " it requires the attacker to 'manipulate socket state while a network namespace is being torn down.' So, not easy then."

      • by gweihir ( 88907 )

        Indeed.

      • To be fair, a large number of computers are behind junk routers/firewalls that can be pwned with kits and then you have LAN. Like a DLink or Cisco.

        We must assume all vulnerabilities are in a context of systems now, not isolated.

    • RDS in Linux is Oracle code. Because TCP wasn't good enough for them.
      • by gweihir ( 88907 )

        So basically nobody besides them uses it? Also no surprise it is crap if it comes from Oracle....

    • If you do not use RDS (which will be most cases), no need to do anything urgently.

      Let's be clear about it: nonusers of RDS are the _vast_ majority of cases. I've never seen it used at all, actually. I guess there must be some setup that uses it, somewhere.

  • Because if it hasn't, there is a *big* delay in the posting queue. This was published, what, Monday?

  • Will it ever get better, or is worse the only thing to look forward to?
  • Does anyone know anybody who has ever set "CONFIG_RDS=y" (or "=m")? I cannot remember anyone doing that, ever.

Two can Live as Cheaply as One for Half as Long. -- Howard Kandel

Working...