On Fri, Jan 30, 2015 at 01:20:56AM +1100, Ian Smith wrote:
> On Wed, 28 Jan 2015 17:01:50 -0800, jungle Boogie wrote:
>  > Hi Nick,
>  > On Jan 28, 2015 4:56 PM, "Nick Frampton" <nick.framp...@akips.com> wrote:
>  > >
>  > > On 29/01/15 08:46, Joe Holden wrote:
>  > >>
>  > >> Really, how many SCTP users are there in the wild... maybe one?
>  > >>
>  > >> It shouldn't be in GENERIC at the very least!
>  > >
>  > >
>  > > We use Netflow over SCTP in our network monitoring product, so it would
>  > > be a pain to have to build a custom kernel.
>  > 
>  > But also a pain to have an exploit when it could be prevented.
> 
> Are you vulnerable to an SCTP exploit if you're not using SCTP?

From one of the advisories (FreeBSD-SA-15:02.kmem):

-- QUOTE --
An unprivileged process can read or modify 16-bits of memory which
belongs to the kernel.  This may lead to exposure of sensitive
information or allow privilege escalation.
-- ENDQUOTE --

So even if you don't use SCTP, if someone got a shell on your box
they could potentially use SCTP to get root or modify kernel memory
to break out of a jail, etc.

In other words, you don't necessarily need to use SCTP to be affected
by vulnerabilities in it.

Regards,

Gary

_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
