Community discussions

MUM Europe 2020
 
deejayq
Member Candidate
Member Candidate
Topic Author
Posts: 195
Joined: Wed Feb 23, 2011 8:33 am

Critical Linux Kernel Vulnerability (Kernel 3.8 and above) CVE-2016-0728 - is RouterOS affected???

Wed Jan 20, 2016 7:45 am

A root escalation vulnerability has been discovered in the recent Linux kernels starting with kernel 3.8. The following operating systems are known to be at risk/vulnerable:

Red Hat Enterprise Linux 7
CentOS Linux 7
Scientific Linux 7
Debian Linux stable 8.x (jessie)
Debian Linux testing 9.x (stretch)
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP1
Ubuntu Linux 14.04 LTS (Trusty Tahr)
Ubuntu Linux 15.04 (Vivid Vervet)
Ubuntu Linux 15.10 (Wily Werewolf)
Opensuse Linux LEAP and version 13.2

Centos/Redhat already have released patches, these can be installed by running as root:

yum update

then reboot once the new patched kernel is installed.

Ubuntu/Debian have also released patches and the process is similar:

apt-get update
apt-get upgrade

then reboot once the new patched kernel is installed.


Other distributions will release patches, it's best to check your distribution's website for more information.

These are a few links to the incident:

https://bugzilla.redhat.com/show_bug.cgi?id=1297475
http://www.cyberciti.biz/faq/linux-cve- ... ility-fix/
https://threatpost.com/serious-linux-ke ... ed/115923/
http://www.cve.mitre.org/cgi-bin/cvenam ... =2016-0728
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1730
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Re: Critical Linux Kernel Vulnerability (Kernel 3.8 and above) CVE-2016-0728 - is RouterOS affected???

Wed Jan 20, 2016 7:58 am

RouterOS v6 uses Linux Kernel v3.3.5, RouterOS v7 will use "latest" for the moment of release.
With great knowledge comes great responsibility, because of ability to recognize id... incompetent people much faster.
 
pe1chl
Forum Guru
Forum Guru
Posts: 6233
Joined: Mon Jun 08, 2015 12:09 pm

Re: Critical Linux Kernel Vulnerability (Kernel 3.8 and above) CVE-2016-0728 - is RouterOS affected???

Wed Jan 20, 2016 11:40 am

And the vulnerability is an escalation to root privileges from a normal user process.
AFAIK there is no way to start a user process on a MikroTik router.
(I would like to have a shell to peek around to see what certain configs are doing at the kernel level but I don't think it can be done short of some debug option that is not easy to switch on)

Who is online

Users browsing this forum: Google [Bot], MSN [Bot], Sob and 100 guests