** Description changed: - [iptables restriction bypass if a protocol handler kernel module not - loaded] + net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before + 3.18 generates incorrect conntrack entries during handling of certain + iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, + which allows remote attackers to bypass intended access restrictions via + packets with disallowed port numbers. Break-Fix: - db29a9508a9246e77087c5531e45b2c88ec6988b
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1413109 Title: CVE-2014-8160 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1413109/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
