Remote Command Execution Vulnerability in Linux Kernel RT Package by Red Hat
CVE-2016-3707

8.1HIGH

Key Information:

Vendor

Linux
Status
Linux Kernel-rt
Enterprise Linux For Real Time
Enterprise Linux For Real Time For Nfv
Vendor
CVE Published:
27 June 2016

What is CVE-2016-3707?

The icmp_check_sysrq function in the Linux kernel RT package allows remote attackers to execute arbitrary SysRq commands through specially crafted ICMP Echo Request packets. This can occur via brute-force attempts to guess a specific cookie or by exploiting access to local ICMP echo request configuration files. Such vulnerabilities can lead to significant security risks, enabling attackers to manipulate the kernel and perform unauthorized actions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/errata/RHSA-2016:1341
vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE
https://access.redhat.com/errata/RHSA-2016:1301
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.