FS#39566 - [linux] CVE-2014-2568 net: potential information leak when ubuf backed skbs are skb_zerocopy()ied
Attached to Project:
Arch Linux
Opened by Billy Wayne McCann (bwayne) - Friday, 21 March 2014, 12:44 GMT
Last edited by Thomas Bächler (brain0) - Friday, 21 March 2014, 19:03 GMT
Opened by Billy Wayne McCann (bwayne) - Friday, 21 March 2014, 12:44 GMT
Last edited by Thomas Bächler (brain0) - Friday, 21 March 2014, 19:03 GMT
|
Details
Description:
net: potential information leak when ubuf backed skbs are skb_zerocopy()ied MITRE assigned cve CVE-2014-0131 to this issue on Thu, 20 Mar 2014.[0] An upstream patch is available.[1] The patch has been attached to this entry. Resolution: patch Additional info: * package version(s) 3.13.6 [0] http://seclists.org/oss-sec/2014/q1/630 [1] https://lkml.org/lkml/2014/3/20/421 |
This task depends upon
Closed by Thomas Bächler (brain0)
Friday, 21 March 2014, 19:03 GMT
Reason for closing: Not a bug
Additional comments about closing: skb_zerocopy is only a thing in 3.14, does not affect any Arch kernels.
Friday, 21 March 2014, 19:03 GMT
Reason for closing: Not a bug
Additional comments about closing: skb_zerocopy is only a thing in 3.14, does not affect any Arch kernels.
Comment by
Florian Pritz (bluewind) - Friday,
21 March 2014, 13:16 GMT
Comment by
Billy Wayne McCann (bwayne) -
Friday, 21 March 2014, 13:26 GMT
That link has a reply mentioning that the patch (v3) is bugged.
Apologies for not following the replies. Still learning the ropes.
(The "patch" mark on oss-security ML was a bit premature, I
suppose.)