Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Sun, 02 Nov 2014 12:57:45 +0100
From: Florian Weimer <>
Subject: CVE-2014-7207 assignment: Debian-specific Linux 3.2 backport issue

Debian has assigned CVE-2014-7207 to the following issue:

    Several Debian developers reported an issue in the IPv6 networking
    subsystem. A local user with access to tun or macvtap devices, or
    a virtual machine connected to such a device, can cause a denial
    of service (system crash).

    This update includes a bug fix related to CVE-2014-7207 that
    disables UFO (UDP Fragmentation Offload) in the macvtap, tun, and
    virtio_net drivers. This will cause migration of a running VM from
    a host running an earlier kernel version to a host running this
    kernel version to fail, if the VM has been assigned a virtio
    network device. In order to migrate such a VM, it must be shut
    down first.

The bug report with a few more details is here:


We believe this is specific to Debian's Linux 3.2-based backport

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ