[HN Gopher] Internet Control Message Protocol (ICMP) Remote Code...
___________________________________________________________________
Internet Control Message Protocol (ICMP) Remote Code Execution
Vulnerability
Author : amenghra
Score : 13 points
Date : 2023-03-15 17:18 UTC (5 hours ago)
(HTM) web link (nvd.nist.gov)
(TXT) w3m dump (nvd.nist.gov)
| mdaniel wrote:
| I was going to say "surely this is against a specific
| _implementation_ " and would offer that linking to the Microsoft
| page would convey both pieces of information: the original link
| and to whom it applies: https://msrc.microsoft.com/update-
| guide/vulnerability/CVE-20...
|
| tl;dr
|
| > An attacker could send a low-level protocol error containing a
| fragmented IP packet inside another ICMP packet in its header to
| the target machine. To trigger the vulnerable code path, an
| application on the target must be bound to a raw socket.
| standardly wrote:
| Do you have any more insight as to how that might work? I'm not
| really grokking it, I work in networking and wonder if this is
| going to be a big patching effort soon. It's already a constant
| battle for us to have ICMP traffic allowed everywhere.
| mdaniel wrote:
| According to https://blog.talosintelligence.com/microsoft-
| patch-tuesday-f... it's an out of bounds write, which I
| interpret to mean it is luck of the draw about the "RCE"
| part, but almost certain about the Availability component of
| the CVSS score
|
| While TFA didn't mention the Patch Tuesday part, the Talos
| blog said the fix is included in the March release, along
| with some other venomous looking ones
___________________________________________________________________
(page generated 2023-03-15 23:02 UTC)