New method of DoS?

[Nereg]

CVE-2022-0742: Remote Denial of Service on Linux Kernel >=5.13

Flooding icmp6 messages of type 130 or 131 is enough to exploit a memory leak in the kernel and cause the host to go out-of-memory. The volume of traffic doesn't need to be particularly high:

https://www.openwall.com/lists/oss-security/2022/03/15/3

maybe we can integrate this ?

[arriven]

@Nereg looks good, and it should be possible to easily integrate icmp requests into packetgen

[arriven]

Potentially could be a separate job though, packetgen requires root permission and it's probably not the best in terms of usability

[arriven]

https://pkg.go.dev/golang.org/x/net/icmp#example-PacketConn-NonPrivilegedPing
I'll leave it here for future reference along with https://pkg.go.dev/github.com/google/gopacket/layers#ICMPv6

[Nereg]

Working on a POC with python's scapy tool because I can't find any POCs for this CVE

[Nereg]

Sadly I can't replicate it on my kali machine.
Wireshark screenshot
Memory graph while the attack is running
Kernel version is Linux kali 5.15.0-kali3-amd64 #1 SMP Debian 5.15.15-2kali1 (2022-01-31) x86_64 GNU/Linux which should be vulnerable
I used IPv6(dst='your address')/ICMPv6EchoRequest(type=131, data=b'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa') packet in scapy

[olegrybtsov]

Верните плз процент успешных попыток атак.