Date: Wed, 14 Jan 2015 00:53:19 -0500 (EST) From: Wade Mealing <wmealing@...hat.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org, Florian Weimer <fweimer@...hat.com>, Daniel Borkmann <dborkman@...hat.com> Subject: CVE-2014-8160 Linux Kernel: SCTP firewalling fails until SCTP module is loaded CVE-2014-8160 has been assigned to this issue in net/netfilter/nf_conntrack_proto_generic.c that can allow protocols that do not have a protocol handler kernel module loaded through the iptables firewall even if explicitly denied by rule. For more detail see: http://www.spinics.net/lists/netfilter-devel/msg33430.html Wade Mealing -- Red Hat -- Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.