Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 29 Jan 2015 14:31:11 +0000
From:      Gary Palmer <gpalmer@freebsd.org>
To:        Ian Smith <smithi@nimnet.asn.au>
Cc:        freebsd-security@freebsd.org, Nick Frampton <nick.frampton@akips.com>, jungle Boogie <jungleboogie0@gmail.com>
Subject:   Re: FreeBSD Security Advisory FreeBSD-SA-15:02.kmem
Message-ID:  <20150129143111.GA29167@in-addr.com>
In-Reply-To: <20150130011402.P36378@sola.nimnet.asn.au>
References:  <mailman.92.1422446402.71362.freebsd-security@freebsd.org> <20150128194011.2175B19F@hub.freebsd.org> <20150128211910.80082283DA18@rock.dv.isc.org> <54C966BF.9000803@rewt.org.uk> <54C9837C.8090704@akips.com> <CAKE2PDsC8dvx23H5DZ_b90F7PmPr3LB8kyw68SbuHgF4Hb%2BnkA@mail.gmail.com> <20150130011402.P36378@sola.nimnet.asn.au>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Fri, Jan 30, 2015 at 01:20:56AM +1100, Ian Smith wrote:
> On Wed, 28 Jan 2015 17:01:50 -0800, jungle Boogie wrote:
>  > Hi Nick,
>  > On Jan 28, 2015 4:56 PM, "Nick Frampton" <nick.frampton@akips.com> wrote:
>  > >
>  > > On 29/01/15 08:46, Joe Holden wrote:
>  > >>
>  > >> Really, how many SCTP users are there om the wild... maybe one?
>  > >>
>  > >> It shouldn't be in GENERIC at the very least!
>  > >
>  > >
>  > > We use Netflow over SCTP in our network monitoring product, so it would
>  > be a pain to have to build a custom kernel.
>  > 
>  > But also a pain to have an exploit when it could be prevented.
> 
> Are you vulnerable to an SCTP exploit if you're not using SCTP?

>From one of the advisories (FreeBSD-SA-15:02.kmem):

-- QUOTE --
An unprivileged process can read or modify 16-bits of memory which              
belongs to the kernel.  This smay lead to exposure of sensitive                 
information or allow privilege escalation.                                      
-- ENDQUOTE --

So even if you don't use SCTP, if someone got a shell on your box
they could potentially use SCTP to get root or modify kernel memory
to break out of a jail, etc.

In other words, you don't necessarily need to use SCTP to be affected
by vulnerabilities in it.

Regards,

Gary

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150129143111.GA29167>