PSIRT Advisory

CVE-2016-10229 Linux Kernel ipv4/udp.c Remote Code Execution Vulnerability

Summary

Multiple Fortinet products may be affected by the following Linux Kernel vulnerability:

CVE-2016-10229 Linux Kernel ipv4/udp.c Remote Code Execution Vulnerability

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

However, note there is no recorded successful attack on Fortinet products.

Impact

Execute unauthorized code or commands

Affected Products

FortiAP (including S/W2 series) - 5.6.0, 5.4.3 and below

FortiAnalyzer - 5.4.2 and below

FortiOS - 5.6.0 and below

FortiSwitch - 3.6.2 and below

Solutions

The following products were patched as a precaution:

FortiAP (including S/W2 series) - upgrade to 5.4.4 or 5.6.1 and above

FortiAnalyzer - upgrade to 5.4.3 or above

FortiOS - upgrade to 5.6.1 or above

FortiSwitch - upgrade to 3.6.3 or above
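The version ranges in the Affected Products and Solutions sections above are easy to misread when compared lexically ("5.4.10" sorts before "5.4.4" as a string). The following script is an added example, not Fortinet code or tooling: it transcribes the advisory's affected and fixed versions into tables, compares versions numerically, and classifies each entry of a constructed inventory as affected, fixed, or not covered by this advisory (for example a FortiAP 5.5.x build, which the advisory neither lists as affected nor as fixed). The hostnames and inventory are constructed sample data.

```python
"""Classify a device inventory against CVE-2016-10229 advisory ranges.

Added example, not Fortinet's code. The AFFECTED and FIXED tables are
transcribed from the advisory text; the inventory at the bottom is
constructed sample data.
"""
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]


def parse_version(text: str) -> Version:
    """'5.4.10' -> (5, 4, 10) so that comparisons are numeric, not lexical."""
    return tuple(int(part) for part in text.strip().split("."))


# Affected ranges per product as (lowest, highest) inclusive; None = no lower bound.
# "5.6.0, 5.4.3 and below" for FortiAP is two separate ranges.
AFFECTED: Dict[str, List[Tuple[Optional[str], str]]] = {
    "FortiAP": [(None, "5.4.3"), ("5.6.0", "5.6.0")],
    "FortiAnalyzer": [(None, "5.4.2")],
    "FortiOS": [(None, "5.6.0")],
    "FortiSwitch": [(None, "3.6.2")],
}

# First fixed release per maintenance branch, from the Solutions section.
# Anything at or above the highest listed fix is also treated as fixed ("and above").
FIXED: Dict[str, List[Tuple[str, str]]] = {
    "FortiAP": [("5.4", "5.4.4"), ("5.6", "5.6.1")],
    "FortiAnalyzer": [("5.4", "5.4.3")],
    "FortiOS": [("5.6", "5.6.1")],
    "FortiSwitch": [("3.6", "3.6.3")],
}


def check_status(product: str, version: str) -> str:
    """Return 'affected', 'fixed', or 'unknown' (product/version not covered)."""
    if product not in AFFECTED:
        return "unknown"  # advisory says nothing about this product
    v = parse_version(version)

    for low, high in AFFECTED[product]:
        if (low is None or parse_version(low) <= v) and v <= parse_version(high):
            return "affected"

    fixes = FIXED[product]
    # Fixed within its own branch (e.g. 5.4.7 is covered by the 5.4.4 fix) ...
    for branch, first_fixed in fixes:
        if v[:2] == parse_version(branch) and v >= parse_version(first_fixed):
            return "fixed"
    # ... or at/above the newest fix listed ("... and above").
    if v >= max(parse_version(f) for _, f in fixes):
        return "fixed"

    # Between the affected range and the fix without being listed either way.
    return "unknown"


def review_inventory(inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str, str]]:
    """Annotate (host, product, version) rows with their advisory status."""
    return [(host, prod, ver, check_status(prod, ver)) for host, prod, ver in inventory]


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("fw-edge-01", "FortiOS", "5.6.0"),
    ("fw-edge-02", "FortiOS", "5.6.1"),
    ("ap-lobby", "FortiAP", "5.4.10"),
    ("ap-lab", "FortiAP", "5.5.0"),
    ("log-01", "FortiAnalyzer", "5.2.9"),
    ("sw-core", "FortiSwitch", "3.6.3"),
]

if __name__ == "__main__":
    for host, prod, ver, status in review_inventory(SAMPLE_INVENTORY):
        print(f"{host:12} {prod:14} {ver:8} {status}")
```

Entries reported as "unknown" are the ones worth raising with the vendor rather than silently treating as safe; the script deliberately does not guess about versions the advisory does not mention.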