The DHCP vulnerability in Red Hat Linux helps hackers execute remote code

Security researchers at Google have discovered a serious remote command-line vulnerability on Red Hat Linux's DHCP software and derivative versions of the Fedora operating system.

Placed code CVE-2018-1111, this vulnerability allows an attacker to execute remote code without root privileges on the victim machine.

Whenever the computer joins the network, DHCP software will allow the machine to automatically receive network configuration parameters such as IP addresses and DNS servers from DHCP servers (Dynamic Host Control Protocol).

The vulnerability is on the NetworkManager integration script in the DHCP client packages. Felix Wilhelm from Google's security team discovered that the attacker had a malicious DHCP server or connected to the same network as the victim, which could be exploited by faking DHCP responses, eventually executing the code on the machine. victim.

The DHCP vulnerability in Red Hat Linux helps hackers execute remote code Picture 1 The DHCP vulnerability in Red Hat Linux helps hackers execute remote code Picture 1
Update affected DHCP versions to avoid attack

The details of this vulnerability were not disclosed by him and said that the code for proving the PoC was short, including a tweet was enough. Barkın Kılıç, a researcher from Turkey, posted the PoC code on Twitter.

Red Hat confirmed that this vulnerability affects Red Hat Linux 6 and 7 and everyone who is using affected DHCP clients should update the latest version immediately.

'Users should disable or delete affected scripts, but this will prevent some configurations from being given by the DHCP server to the machine, such as the NTP address or NIS server , ' Red Hat said.

Fedora also released new HDCP versions that fix bugs for Fedora 26, 27 and 28.

Other Linux kernels such as OpenSUSE or Ubuntu are not affected by DHCP not using the NetworkManager script by default.

See more: