[arch-security] [kernel] CVE-2014-2523 (fixed??) - netfilter: nf_conntrack_dccp: incorrect skb_header_pointer API usages :: FIXED??

Thomas Bächler thomas at archlinux.org
Tue Mar 18 09:33:43 EDT 2014


Am 18.03.2014 14:17, schrieb Billy McCann:
> Greetings all.
> 
> CVE-2014-2523 for linux kernel has been assigned. 
> 
> However, I'm having difficulty finding whether this issue is fixed in
> the current (Arch) kernel.  I'm thinking it has been, as the fixing
> commit was made on 06/01/2014. 
> 
> Confirmation requested.

This has been fixed since 3.13-rc5 ()v3.13-rc4-1370-gb22f512 to be
precise), but I don't know if it was backported to 3.10.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-security/attachments/20140318/ed3b6360/attachment.asc>


More information about the arch-security mailing list