** Changed in: linux (Ubuntu Trusty)
Status: New => Fix Committed
** Changed in: linux (Ubuntu Utopic)
Status: New => Fix Committed
** Description changed:
- Linux kernel crypto api unprivileged arbitrary module load
+ The Crypto API in the Linux kernel before 3.18.5 allows local users to
+ load arbitrary kernel modules via a bind system call for an AF_ALG
+ socket with a module name in the salg_name field, a different
+ vulnerability than CVE-2014-9644.
Break-Fix: 03c8efc1ffeb6b82a22c1af8dd908af349563314
5d26a105b5a73e5635eae0629b42fa0a90e07b7b
Break-Fix: 03c8efc1ffeb6b82a22c1af8dd908af349563314
3e14dcf7cb80b34a1f38b55bc96f02d23fdaaaaf
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1415507
Title:
CVE-2013-7421
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1415507/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
