Recently, Tencent security team has submitted two old ancestor Linux X.25 (packet switching network) socket 0day vulnerability to the Linux community. This vulnerability exists in almost all Linux kernel versions, which can co-exist and enhance permissions, and control all resources of enterprises on Linux system. Tencent security issued a high-level security risk warning against the vulnerability, and disclosed relevant details according to the Linux community rules. Currently, the vulnerability has not been fixed. Tencent security reminds Linux users to pay close attention to the latest security updates.
10. DTE (25) is a free data exchange protocol between DTE and DTE devices. Linux kernel has been widely used since the introduction of X.25 protocol in 1996. This vulnerability also exists in various versions, until now it has been found for the first time.
Through analysis, Tencent security experts found that there are many stack overrun vulnerabilities when Linux implements X.25 socket related functions, among which the stack crossing write vulnerability composed of multiple X.25 socket related vulnerabilities is the most serious, which will cause kernel data to be modified and the system to be controlled. All systems using X.25 interface protocol may be affected.
Launching attacks using day 0 vulnerability is often sudden and destructive, Ripple 20 June this year day vulnerability puts hundreds of millions of IoT devices worldwide at risk of remote attacks. 0 day Vulnerability due
In view of the characteristics of X.25 socket 0day vulnerability disclosed this time, Tencent security experts suggest that users temporarily disable the x25.ko kernel module to avoid the impact of the vulnerability. At the same time, Tencent security also suggests that enterprise users can access Tencent zero trust security management system IOA for threat investigation, and use Tencent security advanced threat detection system to defend against possible hacker attacks at any time. In addition to the cloud firewall and cloud security, Tencent can not choose the security of the enterprise.
- THE END -
Reprint please indicate the source: fast technology