First published: Wed Nov 04 2020(Updated: )
A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well on the Linux Based Products (RUGGEDCOM RM1224: All versions between v5.0 and v6.4, SCALANCE M-800: All versions between v5.0 and v6.4, SCALANCE S615: All versions between v5.0 and v6.4, SCALANCE SC-600: All versions prior to v2.1.3, SCALANCE W1750D: v8.3.0.1, v8.6.0, and v8.7.0, SIMATIC Cloud Connect 7: All versions, SIMATIC MV500 Family: All versions, SIMATIC NET CP 1243-1 (incl. SIPLUS variants): Versions 3.1.39 and later, SIMATIC NET CP 1243-7 LTE EU: Version
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:3.10.0-1160.21.1.rt56.1158.el7 | 0:3.10.0-1160.21.1.rt56.1158.el7 |
redhat/kernel | <0:3.10.0-1160.21.1.el7 | 0:3.10.0-1160.21.1.el7 |
redhat/kernel | <0:3.10.0-693.87.1.el7 | 0:3.10.0-693.87.1.el7 |
redhat/kernel | <0:3.10.0-957.76.1.el7 | 0:3.10.0-957.76.1.el7 |
redhat/kernel | <0:3.10.0-1062.49.1.el7 | 0:3.10.0-1062.49.1.el7 |
redhat/kernel-rt | <0:4.18.0-240.15.1.rt7.69.el8_3 | 0:4.18.0-240.15.1.rt7.69.el8_3 |
redhat/kernel | <0:4.18.0-240.15.1.el8_3 | 0:4.18.0-240.15.1.el8_3 |
redhat/kernel | <0:4.18.0-147.43.1.el8_1 | 0:4.18.0-147.43.1.el8_1 |
redhat/kernel-rt | <0:4.18.0-193.46.1.rt13.96.el8_2 | 0:4.18.0-193.46.1.rt13.96.el8_2 |
redhat/kernel | <0:4.18.0-193.46.1.el8_2 | 0:4.18.0-193.46.1.el8_2 |
Linux Linux kernel | <5.10.0 | |
Redhat Enterprise Linux | =7.0 | |
Redhat Enterprise Linux | =8.0 | |
Siemens RUGGEDCOM RM1224 | >=5.0<=6.4 | |
Siemens SCALANCE M-800 | >=5.0<=6.4 | |
Siemens SCALANCE S615 | >=5.0<=6.4 | |
Siemens SCALANCE SC-600 | <2.1.3 | 2.1.3 |
Siemens SCALANCE W1750D | =8.3.0.1=8.6.0=8.7.0 | |
Siemens SIMATIC MV500 Family | ||
Siemens SIMATIC CP 1243-7 LTE EU | >=3.1.39<3.3 | 3.3 |
Siemens SIMATIC CP 1243-7 LTE US | >=3.1.39<3.3 | 3.3 |
Siemens SIMATIC CP 1242-7 GPRS V2 | >=3.1.39<3.3 | 3.3 |
Siemens SIMATIC CP 1542SP-1 IRC (incl. SIPLUS variants) | >=2.0 | |
Siemens SIMATIC CP 1542SP-1 | >=2.0 | |
Siemens SIMATIC CP 1543-1 (incl. SIPLUS variants) | <3.0 | 3.0 |
Siemens SIMATIC CP 1543SP-1 (incl SIPLUS variants) | >=2.0 | |
Siemens SIMATIC CP 1545-1 | <1.1 | 1.1 |
redhat/kernel | <5.10 | 5.10 |
Google Android | ||
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
The mitigation is to disable ICMP destination unreachable messages. The commands to disable UDP port unreachable ICMP reply messages: iptables -I OUTPUT -p icmp --icmp-type destination-unreachable -j DROP service iptables save For additional information about "service iptables save" please read https://access.redhat.com/solutions/1597703 It is not recommended to apply this rule if host being used as forwarder (router) of IP packets. Or it is possible to use this firewall-cmd instead of iptables and the result is similar: firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -p icmp --icmp-type destination-unreachable -j DROP
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)