[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Successor to CentOS] AlmaLinux OS server construction/migration service

[Successor to CentOS] AlmaLinux OS server construction/migration service

[For WordPress only] Cloud server “Web Speed”

[For WordPress only] Cloud server “Web Speed”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Reservation system development] EDISONE customization development service

[Reservation system development] EDISONE customization development service

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[Global exclusive service] Beyond's MSP in North America and China

[Global exclusive service] Beyond's MSP in North America and China

[YouTube] Beyond official channel “Biyomaru Channel”

[YouTube] Beyond official channel “Biyomaru Channel”

A vulnerability seems to have been discovered in the Linux HDLC driver.

This is Yamada from the Systems Department.

The culprit was a very old vulnerability in the Linux kernel announced on March 7th.
Primary source
CVE-2017-2636


kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline. A race condition in the ``.c'' driver can cause local user privilege acquisition and denial of service (double open) via HDLC line control. (slightly appropriate translation)

HDLC (High-Level Data Link Control) is a communication technology that performs point-to-multipoint communication and
was used in modems and ISDN, which are no longer commonplace.

Pihyorohyoro. The screen is Windows

Just because you're not using a modem driver doesn't mean you don't have to worry about
it .


The n_hdlc kernel module will be automatically loaded when an application attempts to use the HDLC line discipline from userspace.

It seems like you need to be careful.

On this page, as a workaround

​# echo "install n_hdlc /bin/true" >> /etc/modprobe.d/disable-n_hdlc.conf

He has posted a countermeasure to prevent the n_hdlc module from being loaded by restarting.

This applies to Red Hat Enterprise Linux 6, 7, and Red Hat Enterprise MRG 2, so
be sure to check the release of these update patches.

Now, for those who use Beyond's MSP, we take care of everything from checking for security vulnerabilities to responding to them.
If you are tired of dealing with vulnerabilities that are being announced one after another, you can feel better by consulting here !

If you found this article helpful , please give it a like!
0
Loading...
0 votes, average: 0.00 / 10
630
X facebook Hatena Bookmark pocket
[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

[Osaka/Yokohama] Actively recruiting infrastructure engineers and server side engineers!

[Osaka/Yokohama] Actively recruiting infrastructure engineers and server side engineers!

The person who wrote this article

About the author