Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 28 Apr 2014 11:38:12 -0700
From: Andy Lutomirski <>
Subject: Re: CVE-2014-0181: Linux network reconfiguration due to incorrect
 netlink checks

On Tue, Apr 22, 2014 at 8:01 PM, Andy Lutomirski <> wrote:
> On Apr 22, 2014 2:37 PM, "Andy Lutomirski" <> wrote:
>> It is possible to reconfigure the network on Linux by calling write(2)
>> on an appropriately connected network socket.  By passing such a
>> socket as stdout or stderr to a setuid program, anyone can reconfigure
>> the network.
> s/network socket/netlink socket

The fix is here:

It depends on a few commits immediately preceding it as well as

So far the fix has not made it to Linus' tree or to -stable.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ