Solved: Determining Linux Kernel (Cisco ASA 5506)

muddyboots · ‎03-10-2022

Hi, we are looking to find out what kernel the Cisco ASA 5506 is using, I have been trying to find out if there is a way to switch to standard linux shell commands via SSH without any luck.

I've read that it might be based on Redhat, or at least for Firepower IPS it is.

Essentially we are concerned about the recent CVE-2022-0847 aka 'Ditry Pipe' vulnerability that effects the following kernel versions:

Linux Kernel up to 5.10.101/5.15.24/5.16.10

Thanks for your help.

Rob Ingram · ‎03-10-2022

@muddyboots I don't know the underlying kernel, but checking CVE-2022-0847 against the cisco security advisories site reveals the ASA is not vulnerable

https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities

View solution in original post

Rob Ingram · ‎03-10-2022

@muddyboots I don't know the underlying kernel, but checking CVE-2022-0847 against the cisco security advisories site reveals the ASA is not vulnerable

https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities

Marvin Rhoads · ‎03-10-2022

ASA itself does not use Linux. If you have the Firepower service module it is built on top of a customized version of RHEL. The RHEL version depends on the Firepower version. For instance, I just checked one running Firepower 6.6.5 and it reports as follows:

admin@DC-SRF:~$ uname -r
4.14.187sf.cisco-3

Although as @Rob Ingram noted, Cisco has determined they are not affected.

muddyboots · ‎03-11-2022

Thanks both, that's been extremely useful!