fix dccp in kernel cve-2017-6074

Tracked by Jolla

asked 2017-02-22 22:02:47 +0300

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2017-02-22 22:03:34 +0300

lpr gravatar image

new linux-kernel vulnerability in dccp protocol in kernel (cve-2017-6074). some investigation on my jolla1-2.1.0.9 $ cat /boot/config-3.4.108.20161101.1 | grep DCCP shows CONFIG_NF_CT_PROTO_DCCP=y # CONFIG_NETFILTER_XT_MATCH_DCCP is not set CONFIG_NF_NAT_PROTO_DCCP=y # CONFIG_IP_DCCP is not set so dccp is active... please fix this with available patch

edit retag flag offensive close delete

Comments

2

@lpr Thanks for reporting. Added bz ticket for this.

spiiroin ( 2017-02-23 11:43:37 +0300 )edit

@spiiroin at least in jolla mobiles this vulnerability seems not to be present according to openwall (CONFIG_IP_DCCP needs to be set, too) but for jolla-partners & mer-servers I can't tell... so cve-2016-8655 and cve-2015-3288 should be in focus but the easy three-line-patch for this should be added to sources.

lpr ( 2017-02-23 14:41:14 +0300 )edit