- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
New Kernel Exploit (CVE-2016-0728)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Looks like there's a pretty serious exploit in the Linux kernel:
http://linux.slashdot.org/story/16/01/19/1326212/serious-linux-kernel-vulnerability-patched
Requires local access or a malicious app so ReadyNAS units are likely only vulnerable if they've got any add-ons installed. Might be worth trying to slip an update into the next RC.
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: New Kernel Exploit (CVE-2016-0728)
Arikalish,
Thanks for sending this to us. I've submitted this to our engineering group.
I'm unsure what will be done about it at this point. I will up you via PM once I know more.
Alex
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: New Kernel Exploit (CVE-2016-0728)
Thanks for the quick response. Kernel updates are never fun. Understandable if it takes a little while to get cleared up.
Best,
Ari
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: New Kernel Exploit (CVE-2016-0728)
While this is a pretty bad vulnerability, it'd be pretty hard to exploit from the get-go on ReadyNAS. You'd have to be able to execute the file from the backend. If you're concerned, disable SSH access to your ReadyNAS until we patch it.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: New Kernel Exploit (CVE-2016-0728)
Good afternoon ReadyNAS Community,
Thank you for all who contributed to this thread. Please see the following update.
ReadyNAS OS 6.4.2 now available!
Any additional feedback if the issue is resolved or not is greatly appreciated.
Thank you for choosing NETGEAR!
ChristineT
NETGEAR Community Team
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: New Kernel Exploit (CVE-2016-0728)
Installed...working awesome!