On Fri, Jan 30, 2015 at 01:20:56AM +1100, Ian Smith
wrote:> On Wed, 28 Jan 2015 17:01:50 -0800, jungle Boogie wrote:
> > Hi Nick,
> > On Jan 28, 2015 4:56 PM, "Nick Frampton" <nick.frampton
at akips.com> wrote:
> > >
> > > On 29/01/15 08:46, Joe Holden wrote:
> > >>
> > >> Really, how many SCTP users are there om the wild... maybe
one?
> > >>
> > >> It shouldn't be in GENERIC at the very least!
> > >
> > >
> > > We use Netflow over SCTP in our network monitoring product, so
it would
> > be a pain to have to build a custom kernel.
> >
> > But also a pain to have an exploit when it could be prevented.
>
> Are you vulnerable to an SCTP exploit if you're not using SCTP?
>From one of the advisories (FreeBSD-SA-15:02.kmem):
-- QUOTE --
An unprivileged process can read or modify 16-bits of memory which
belongs to the kernel. This smay lead to exposure of sensitive
information or allow privilege escalation.
-- ENDQUOTE --
So even if you don't use SCTP, if someone got a shell on your box
they could potentially use SCTP to get root or modify kernel memory
to break out of a jail, etc.
In other words, you don't necessarily need to use SCTP to be affected
by vulnerabilities in it.
Regards,
Gary