Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 14 Jan 2015 00:53:19 -0500 (EST)
From: Wade Mealing <>
Cc:, Florian Weimer <>,
        Daniel Borkmann <>
Subject: CVE-2014-8160 Linux Kernel: SCTP firewalling fails until SCTP
 module is loaded

CVE-2014-8160 has been assigned to this issue in net/netfilter/nf_conntrack_proto_generic.c
that can allow protocols that do not have a protocol handler kernel module loaded
through the iptables firewall even if explicitly denied by rule.

For more detail see:

Wade Mealing -- Red Hat -- Product Security

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ