ProHoster > Blog > internet news > Vulnerability in the Linux kernel that could cause a crash by sending a UDP packet
Vulnerability in the Linux kernel that could cause a crash by sending a UDP packet
In the Linux kernel identified vulnerability (CVE-2019-11683), which allows you to remotely cause a denial of service by sending specially designed UDP packets (packet-of-death). The problem is caused by a bug in the udp_gro_receive_segment handler (net/ipv4/udp_offload.c) with the implementation of GRO (Generic Receive Offload) technology and can lead to corruption of the contents of kernel memory areas when processing UDP packets with zero padding (empty payload).
The problem only affects the kernel 5.0, since GRO support for UDP sockets was implemented in November of last year and managed to get only in the last stable release of the kernel. GRO technology allows you to speed up the processing of a large number of incoming packets by aggregating multiple packets into larger blocks that do not require separate processing of each packet.
For TCP, the problem does not appear, since aggregation of packets without payload is not supported for this protocol.
The problem was found as a result use automated fuzzing testing system created by Google syzbot and analyzer KAZAN (KernelAddressSanitizer), aimed at identifying errors when working with memory and facts of incorrect memory access, such as accessing freed memory areas and placing code in memory areas not intended for such manipulations.