CVE-2020-1603, a vulnerability filed by Juniper; as a matter of fact, it covers all routing products that make use of a Linux-based OS – 12th Jan 2020

Preface: kdump is a feature of the Linux kernel that creates crash dumps in the event of a kernel crash. When triggered, kdump exports a memory image (also known as vmcore) that can be analyzed for the purposes of debugging and determining the cause of a crash.

Vulnerability details: Specific IPv6 packets sent by clients are improperly handled, and an mbuf memory leak occurs. This memory leak eventually leads to a kernel crash (vmcore), or to the device hanging and requiring a power cycle to restore service, creating a Denial of Service (DoS) condition.

Official announcement and remedy: https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10982&cat=SIRT_1&actp=LIST

Additional possibilities – design weaknesses in IPv6 packet handling

a. The server side sets IPV6_RECVPKTINFO on a listening socket, and the client side just sends a message to the server. A kernel panic then occurs on the server.

b. net.ipv6.conf.eth0.max_addresses=16: it is not recommended to set this value too large (or to zero), because that would be an easy way to crash the kernel by allowing too many addresses to be created.
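One way to check the setting from item b on every interface, as an added example that is not part of the original post or of any vendor tooling. The function names, the default limit of 16 (taken from the value shown in item b as an assumed baseline) and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit per-interface IPv6 max_addresses values.
# audit_max_addresses ROOT [LIMIT]
#   ROOT  - directory laid out like /proc/sys/net/ipv6/conf
#   LIMIT - highest accepted value (assumption: 16, the value shown in item b)
# Prints "<iface> <value> <OK|UNLIMITED|TOO_LARGE|INVALID>" per interface.
# Returns 0 when every interface is OK, 1 otherwise.
audit_max_addresses() {
    root=$1
    limit=${2:-16}
    rc=0
    for f in "$root"/*/max_addresses; do
        [ -r "$f" ] || continue            # also skips an unmatched glob
        iface=$(basename "$(dirname "$f")")
        value=$(tr -d '[:space:]' < "$f")
        case $value in
            ''|*[!0-9]*) verdict=INVALID ;;
            0)           verdict=UNLIMITED ;;   # zero disables the limit
            *)
                if [ "$value" -gt "$limit" ]; then
                    verdict=TOO_LARGE
                else
                    verdict=OK
                fi ;;
        esac
        [ "$verdict" = OK ] || rc=1
        printf '%s %s %s\n' "$iface" "$value" "$verdict"
    done
    return "$rc"
}

# Constructed sample tree standing in for /proc/sys/net/ipv6/conf (not real data).
make_sample_tree() {
    dir=$(mktemp -d)
    for pair in eth0:16 eth1:0 eth2:100000; do
        mkdir -p "$dir/${pair%%:*}"
        printf '%s\n' "${pair#*:}" > "$dir/${pair%%:*}/max_addresses"
    done
    printf '%s\n' "$dir"
}

sample=$(make_sample_tree)
audit_max_addresses "$sample" || echo "at least one interface needs attention"
rm -rf "$sample"
```

On a Linux host, run `audit_max_addresses /proc/sys/net/ipv6/conf` to check the live values.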
