#VU49150 Use of insufficiently random values in Linux kernel
Vulnerability identifier: #VU49150
Vulnerability risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-330
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor:
Description
The vulnerability allows a remote attacker to gain access to sensitive information.
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
External links
http://bugzilla.redhat.com/show_bug.cgi?id=1894579
http://lists.debian.org/debian-lts-announce/2020/12/msg00015.html
http://lists.debian.org/debian-lts-announce/2020/12/msg00027.html
http://security.netapp.com/advisory/ntap-20201210-0002/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
