CVE-2014-8160

 

Published at: - 02-03-2015 12:59

Last modified: - 21-09-2022 08:44

Total changes: - 3

Description

net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:N/I:P/A:N

 

Verification logic

 

Reference

• [oss-security] 20150114 CVE-2014-8160 Linux Kernel: SCTP firewalling fails until SCTP module is loaded-Mailing List, Patch, Third Party Advisory
• https://bugzilla.redhat.com/show_bug.cgi?id=1182059
• https://github.com/torvalds/linux/commit/db29a9508a9246e77087c5531e45b2c88ec6988b
• [netfilter-devel] 20140925 [PATCH nf] netfilter: conntrack: disable generic protocol tracking-Patch, Third Party Advisory
• http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=db29a9508a9246e77087c5531e45b2c88ec6988b
• USN-2518-1-Third Party Advisory
• USN-2515-1-Third Party Advisory
• USN-2516-1-Third Party Advisory
• USN-2517-1-Third Party Advisory
• 72061-Third Party Advisory, VDB Entry
• USN-2514-1-Third Party Advisory
• USN-2513-1-Third Party Advisory
• RHSA-2015:0284-Third Party Advisory
• RHSA-2015:0674-Third Party Advisory
• RHSA-2015:0290-Third Party Advisory
• DSA-3170-Third Party Advisory
• SUSE-SU-2015:0529-Mailing List, Third Party Advisory
• MDVSA-2015:057-Third Party Advisory
• MDVSA-2015:058-Third Party Advisory
• SUSE-SU-2015:0652-Mailing List, Third Party Advisory
• SUSE-SU-2015:0736-Mailing List, Third Party Advisory
• openSUSE-SU-2015:0714-Mailing List, Third Party Advisory

 

Keywords

NVD

 

CVE-2014-8160

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures