CVE-2017-7397
Description
BackBox Linux 4.6 allows remote attackers to cause a denial of service (ksoftirqd CPU consumption) via a flood of packets with Martian source IP addresses (as defined in RFC 1812 section 5.3.7). This product enables net.ipv4.conf.all.log_martians by default. NOTE: the vendor reports "It has been proved that this vulnerability has no foundation and it is totally fake and based on false assumptions.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
References
- http://www.exploitalert.com/view-details.html?id=26361
- https://backbox.org/portal/blog/false-cve-backbox-46-unmasked
- https://cxsecurity.com/issue/WLB-2017040001
- https://forum.backbox.org/security-advisories/waiting-verification-backbox-os-denial-of-service/msg10218
- https://www.exploit-db.com/exploits/41781/
- http://www.exploitalert.com/view-details.html?id=26361
- https://backbox.org/portal/blog/false-cve-backbox-46-unmasked
- https://cxsecurity.com/issue/WLB-2017040001
- https://forum.backbox.org/security-advisories/waiting-verification-backbox-os-denial-of-service/msg10218
- https://www.exploit-db.com/exploits/41781/
CWEs
CWE-400
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.