Eric Dumazet of Google found a very dangerous remote execution bug in the Linux Kernel. It’s located in the recv-syscall with the MSG_PEEK-flag set. Attackers can remotely execute code on the target..
I used a google-dork to find vulnerable software:
MSG\_PEEK filetype:c
And found some possible targets:
- asterisk(chan_unistim.c,ooh323c-addon)
- pulseaudio
- systemd
- dnsmasq
- netcat
- busybox
- nginx
- The mirai-botnet
- The adore-ng kernel rootkit
I did not dig deeper in the source-code but this bug seems to have a reasonable impact.
Update: According to Eric Dumazets Google+-Site this bug seems to affect only a few releases