[security-announce] Kernel:netfilter: Security update

Sona Sarmadi sona.sarmadi at enea.com
Sat Feb 7 08:02:39 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

  		Enea Linux Security Advisory

=========================================================
Product/package: kernel (FSL kernel: 3.8.11)
Severity: Important
Issue date: 2015-02-07
CVE Names: CVE-2014-2523 incorrect skb_header_pointer API usages
Layer: meta-enea
=========================================================
A security patch that fixes a kernel vulnerability is now available
at http://linux.enea.com/4.0/patches:

README file: 0032-PPC-kernel-netfilter-CVE-2014-2523.patch
Patch file: 0032-PPC-kernel-netfilter-CVE-2014-2523.patch

Description
===========
net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through
3.13.6 uses a DCCP header pointer incorrectly, which allows remote
attackers to cause a denial of service (system crash) or possibly
execute arbitrary code via a DCCP packet that triggers a call to the
(1) dccp_new, (2) dccp_packet, or (3) dccp_error function.

References
==========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2523

How to apply the patches
========================
We recommend that you apply all existing relevant patches for your
release, available at http://linux.enea.com/4.0/patches.

- Preparation
Make sure that you have an installation of Enea Linux and have
applied the existing FSL kernel patches in the right order.

wget http://linux.enea.com/4.0/Enea-Linux-4.0.tar.gz
tar zxf Enea-Linux-4.0.tar.gz
cd Enea-Linux-4.0/poky/
<Fetch and apply the existing patches >

- Fetch and apply the new patch
cd Enea-Linux-4.0/poky/meta-enea
wget http://linux.enea.com/4.0/patches/0032-PPC-kernel-netfilter-CVE-2014-2523.patch
patch -p1 < ./0032-PPC-kernel-netfilter-CVE-2014-2523.patch


If you have any questions regarding the security patches and security
updates, please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com

This message, including attachments, is CONFIDENTIAL. It may also be
privileged or otherwise protected by law. If you received this email
by mistake please let us know by reply and then delete it from your
system; you should not copy it or disclose its contents to anyone.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
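
The following is an added illustration, not part of the advisory and not kernel or Enea code: a userspace model of the skb_header_pointer misuse named in the CVE title, where the header pointer variable rather than the on-stack header struct is passed as the copy buffer. The names struct pkt, hdr_pointer, dccp_hdr_model and the buf_cap parameter are assumptions made for this model; the kernel helper takes no capacity argument.

```c
/* Userspace model, added for illustration; names and layout are hypothetical. */
#include <stddef.h>
#include <stdint.h>

struct dccp_hdr_model {          /* 12-byte generic DCCP header, byte fields */
    uint8_t sport[2], dport[2], doff, cscov_ccval, checksum[2];
    uint8_t type_x, seq2, seq[2];
};

struct pkt {                     /* stand-in for an skb: head + one fragment */
    const uint8_t *head, *frag;
    size_t head_len, frag_len;
};

/* Model of the helper's contract: return a pointer to len bytes at off,
 * into the head when they are all linear, otherwise gathered into buf.
 * This model is told buf's capacity, so an undersized buffer is refused. */
static const void *hdr_pointer(const struct pkt *p, size_t off, size_t len,
                               void *buf, size_t buf_cap)
{
    if (off + len > p->head_len + p->frag_len)
        return NULL;                       /* header not fully present */
    if (off + len <= p->head_len)
        return p->head + off;              /* fast path, buf untouched */
    if (len > buf_cap)
        return NULL;                       /* copy would not fit in buf */
    for (size_t i = 0; i < len; i++) {
        size_t pos = off + i;
        ((uint8_t *)buf)[i] = pos < p->head_len ? p->head[pos]
                                                : p->frag[pos - p->head_len];
    }
    return buf;
}

/* Correct: the scratch buffer is the on-stack header struct. */
static int dccp_type_fixed(const struct pkt *p, size_t off)
{
    struct dccp_hdr_model _dh;
    const struct dccp_hdr_model *dh =
        hdr_pointer(p, off, sizeof(_dh), &_dh, sizeof(_dh));
    return dh ? (dh->type_x >> 1) & 0xf : -1;
}

/* Flawed: the scratch buffer is the pointer variable itself (4 or 8 bytes). */
static int dccp_type_flawed(const struct pkt *p, size_t off)
{
    const struct dccp_hdr_model *dh =
        hdr_pointer(p, off, sizeof(*dh), &dh, sizeof(dh));
    return dh ? (dh->type_x >> 1) & 0xf : -1;
}
```

The flawed variant behaves normally while the header lies in the linear area, which is why the defect only shows on packets whose header has to be copied; without a capacity check, that copy writes a full header over a pointer-sized stack slot.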


