Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 615480 (CVE-2016-10229) - kernel: net: Unsafe second checksum calculation in udp.c
Summary: kernel: net: Unsafe second checksum calculation in udp.c
Status: RESOLVED FIXED
Alias: CVE-2016-10229
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: Normal critical (vote)
Assignee: Gentoo Kernel Security
URL:
Whiteboard:
Keywords:
: 616922 (view as bug list)
Depends on:
Blocks:
 
Reported: 2017-04-13 20:30 UTC by Thomas Deutschmann (RETIRED)
Modified: 2022-03-25 22:59 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Deutschmann (RETIRED) gentoo-dev 2017-04-13 20:30:47 UTC 
A flaw was found in the Linux kernel which allows remote attackers to crash the system or corrupt kernel memory, possibly leading to arbitrary code execution, via UDP traffic that triggers an unsafe second checksum calculation during the execution of a recv system call with the MSG_PEEK flag.

Upstream patch:

https://github.com/torvalds/linux/commit/197c949e7798fbf28cfadc69d9ca0c2abbf93191

References:

http://source.android.com/security/bulletin/2017-04-01.html
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2017-04-13 20:33:25 UTC 
CVE-2016-10229

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.
Comment 2 Thomas Deutschmann (RETIRED) gentoo-dev 2017-04-13 20:57:00 UTC 
Fixed in

>=sys-kernel/gentoo-source-4.4.21
>=sys-kernel/gentoo-source-3.12.53
>=sys-kernel/gentoo-source-3.10.103
>=sys-kernel/gentoo-source-3.4.113
>=sys-kernel/gentoo-source-3.2.76

Patch is currently missing in gentoo-source-4.1.x (already reported, https://www.spinics.net/lists/stable/msg167671.html)
Comment 3 Mike Pagano gentoo-dev 2017-04-15 14:08:54 UTC 
Released in gentoo-sources-4.1.39-r1

commit b8d213a1983935e8741527f7a87ff63f1a44e648
Author: Mike Pagano <mpagano@gentoo.org>
Date:   Fri Apr 14 15:17:28 2017 -0400

    Fix for CVE-2016-10229. Unsafe second checksum calculation in udp.c. See bug #615480.
Comment 4 Yury German Gentoo Infrastructure gentoo-dev 2017-04-29 02:34:19 UTC 
*** Bug 616922 has been marked as a duplicate of this bug. ***
Comment 5 Alice Ferrazzi Gentoo Infrastructure gentoo-dev 2017-04-29 14:44:54 UTC 
Mask sys-kernel/vanilla-sources-4.1.39

commit 9f7aab68a74249534e48c2745b9f480f427859d1
Author:     Alice Ferrazzi <alicef@gentoo.org>
AuthorDate: Sat Apr 29 14:54:44 2017 +0100
Commit:     Alice Ferrazzi <alicef@gentoo.org>
CommitDate: Sat Apr 29 14:54:44 2017 +0100

    profiles/: Mask sys-kernel/vanilla-sources-4.1.39.
Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev 2017-04-29 22:31:20 UTC 
*** Bug 616922 has been marked as a duplicate of this bug. ***
Comment 7 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-25 22:59:48 UTC 
Fix in 4.5