ASA-201801-3 - log back

ASA-201801-3 created at 25 Sep 2019 19:32:14
Workaround
+ BPF related issues can be circumvented by disabling unprivileged BPF:
+
+ sysctl -w kernel.unprivileged_bpf_disabled=1
+
+ On systems that do not already have the dccp module loaded,
+ CVE-2017-8824 can be mitigated by disabling it:
+
+ echo >> /etc/modprobe.d/disable-dccp.conf install dccp false
Impact
+ A local unprivileged attacker is able to escalate privileges, crash the system, read memory from arbitrary addresses including from the kernel and all other processes running on the system or obtain sensitive information by sniffing an nlmon interface for all Netlink activity on the system.