Red Hat: CVE-2016-3707: Important: kernel-rt security, bug fix, and enhancement update (RHSA-2016:1301)
Description
The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.
Solution(s)
- redhat-upgrade-kernel-rt
- redhat-upgrade-kernel-rt-debug
- redhat-upgrade-kernel-rt-debug-debuginfo
- redhat-upgrade-kernel-rt-debug-devel
- redhat-upgrade-kernel-rt-debuginfo
- redhat-upgrade-kernel-rt-debuginfo-common-x86_64
- redhat-upgrade-kernel-rt-devel
- redhat-upgrade-kernel-rt-doc
- redhat-upgrade-kernel-rt-trace
- redhat-upgrade-kernel-rt-trace-debuginfo
- redhat-upgrade-kernel-rt-trace-devel
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center