CVE-2022-0435

Related Vulnerabilities: CVE-2022-0435  

Description

A stack overflow flaw was found in the Linux kernel’s TIPC protocol functionality. It is triggered when a user sends a packet with malicious content in which the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.

Statement

Red Hat recommends using the transport level to separate and/or secure (by both encrypting and authenticating, e.g. via IPsec/MACsec) the communication between nodes. This limits the exposure of this issue to semi-trusted nodes.

Mitigation

The TIPC module will NOT be automatically loaded. When required, administrative action is needed to explicitly load this module.

Loading the module can be prevented with the following instructions:

    # echo "install tipc /bin/true" >> /etc/modprobe.d/disable-tipc.conf

If the tipc module is already loaded, the system will need to be restarted. In most circumstances, the TIPC kernel module cannot be unloaded while any network interfaces are active and the protocol is in use.

If the system requires this module to work correctly, this mitigation may not be suitable.
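
One way to audit this mitigation on a host, as an added example that is not part of the original advisory. The function names and status words are hypothetical; the two paths default to /etc/modprobe.d and /proc/modules and can be overridden to check copies of those files.

```shell
#!/bin/sh
# Added example: report whether the TIPC mitigation above is in effect.

# Return 0 if an "install tipc" override pointing at true/false exists in
# any *.conf file under the given modprobe.d directory.
# A "blacklist tipc" line alone is not counted: it only stops alias-based
# autoloading and does not prevent an explicit "modprobe tipc".
tipc_load_blocked() {
    dir=${1:-/etc/modprobe.d}
    grep -Eqs \
      '^[[:space:]]*install[[:space:]]+tipc[[:space:]]+(/usr)?/bin/(true|false)([[:space:]]|$)' \
      "$dir"/*.conf
}

# Return 0 if the tipc module is listed in the given /proc/modules-format file.
tipc_loaded() {
    modules=${1:-/proc/modules}
    grep -qs '^tipc ' "$modules"
}

# Print one status word:
#   blocked               override present, module not loaded
#   loaded-reboot-needed  override present, but module is already loaded
#   loaded-unblocked      module loaded and nothing prevents reloading it
#   not-loaded-unblocked  module not loaded, but an admin could still load it
tipc_status() {
    dir=${1:-/etc/modprobe.d}
    modules=${2:-/proc/modules}
    if tipc_loaded "$modules"; then
        if tipc_load_blocked "$dir"; then
            echo "loaded-reboot-needed"
        else
            echo "loaded-unblocked"
        fi
    elif tipc_load_blocked "$dir"; then
        echo "blocked"
    else
        echo "not-loaded-unblocked"
    fi
}

# Check the running system (or the paths given as arguments).
tipc_status "$@"
```

A result of loaded-reboot-needed corresponds to the case described above where the override is in place but the module was loaded before it took effect.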

Additional Information

  • Bugzilla 2048738: CVE-2022-0435 kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
  • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • FAQ: Frequently asked questions about CVE-2022-0435