Linux Kernel’s IPv6 Implementation Flaw Let Attackers Execute Arbitrary Code

by Esmeralda McKenzie

With a CVSS score of 7.5, a high-severity IPv6 implementation flaw in the Linux kernel identified as CVE-2023-6200 allowed attackers to achieve arbitrary code execution.

Due to this vulnerability, an attacker from an adjacent network may be able to send an ICMPv6 router advertisement packet, which is a core part of the IPv6 protocol.

“A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution”, reads the advisory from Red Hat.

Specifics of the Linux Kernel’s IPv6 Implementation Flaw

While data is transferred between nodes using the Internet Protocol (IP), other tasks such as error reporting, router discovery, diagnostics, and others must also be carried out for IP to work reliably. The Internet Control Message Protocol (ICMPv6) handles all of these functions in IPv6.

ICMPv6 provides a framework for Multicast Listener Discovery (MLD) and Neighbor Discovery (ND), which handle communicating multicast group membership information (the equivalent of the IGMP protocol in IPv4) and resolving addresses (done by ARP in IPv4).

“To trigger this issue, the attacker has to be on the local network, with IPV6 and the parameter net.ipv6.conf.[NIC].accept_ra enabled”, reads the advisory.

For Red Hat Enterprise Linux, net.ipv6.conf.[NIC].accept_ra is disabled by default. Only local attacks are possible in the default configuration.

Mitigation

A remote attack is possible only from the local network. If the parameter net.ipv6.conf.[NIC].accept_ra is disabled, it is not possible.

Check this parameter's value with the following command:

  • cat /proc/sys/net/ipv6/conf/default/accept_ra
  • or cat /proc/sys/net/ipv6/conf/eth0/accept_ra

(where eth0 is the name of the networking interface).

IPv6 is disabled if you cannot run this command, or if a similar command and the accept_ra parameter are unavailable.

IPv6 can be disabled entirely if it is not being used, and instructions for doing so are available.
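An added example (not from the original article or the Red Hat advisory) that runs the check above across every interface instead of one. It goes beyond the article by also reading each interface's `forwarding` value, since per the kernel's ip-sysctl documentation `accept_ra=1` only accepts router advertisements while forwarding is off; the function names and the optional root-directory argument are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit accept_ra for all interfaces (names are hypothetical).
# Usage on a live host: audit_accept_ra   (exit status 1 = some interface accepts RAs)

# ra_state DIR: classify one interface directory under .../ipv6/conf/
#   off            accept_ra=0, router advertisements are not accepted
#   accepts        accept_ra=1 with forwarding off, or accept_ra=2
#   off-forwarding accept_ra=1 but forwarding is on, so RAs are not accepted
#   no-ipv6        accept_ra is missing (IPv6 disabled or unavailable)
ra_state() {
    dir=$1
    if [ ! -r "$dir/accept_ra" ]; then
        echo "no-ipv6"
        return 0
    fi
    ra=$(cat "$dir/accept_ra")
    fwd=$(cat "$dir/forwarding" 2>/dev/null || echo 0)
    case "$ra" in
        0) echo "off" ;;
        1) if [ "$fwd" = "0" ]; then echo "accepts"; else echo "off-forwarding"; fi ;;
        2) echo "accepts" ;;
        *) echo "unknown" ;;
    esac
}

# audit_accept_ra [ROOT]: print "<interface> <state>" for each entry.
# ROOT defaults to the live sysctl tree; pass another directory to test offline.
# "default" only seeds interfaces created later, so the per-interface lines
# (eth0, ...) are the ones that describe current exposure.
audit_accept_ra() {
    root=${1:-/proc/sys/net/ipv6/conf}
    if [ ! -d "$root" ]; then
        echo "IPv6 sysctl tree not present: IPv6 is disabled or unavailable"
        return 0
    fi
    exposed=0
    for d in "$root"/*; do
        [ -d "$d" ] || continue
        state=$(ra_state "$d")
        echo "$(basename "$d") $state"
        if [ "$state" = "accepts" ]; then
            exposed=1
        fi
    done
    return "$exposed"
}
```
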

Fixes Released

This vulnerability is fixed by upgrading to kernel 6.7-rc7. Users are therefore advised to update to the latest version.

Source credit : cybersecuritynews.com
