[arch-security] [kernel] CVE-2014-2523 (fixed??) - netfilter: nf_conntrack_dccp: incorrect skb_header_pointer API usages :: FIXED??
Greetings all. CVE-2014-2523 for linux kernel has been assigned. However, I'm having difficulty finding whether this issue is fixed in the current (Arch) kernel. I'm thinking it has been, as the fixing commit was made on 06/01/2014. Confirmation requested. *Relevant info CVE details: https://access.redhat.com/security/cve/CVE-2014-2523 Introduced by: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2b... Upstream Fix: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b2... BW
Am 18.03.2014 14:17, schrieb Billy McCann:
Greetings all.
CVE-2014-2523 for linux kernel has been assigned.
However, I'm having difficulty finding whether this issue is fixed in the current (Arch) kernel. I'm thinking it has been, as the fixing commit was made on 06/01/2014.
Confirmation requested.
This has been fixed since 3.13-rc5 ()v3.13-rc4-1370-gb22f512 to be precise), but I don't know if it was backported to 3.10.
participants (2)
-
Billy McCann
-
Thomas Bächler