We have moved to a new Sailfish OS Forum. Please start new discussions there.
1 | initial version | posted 2017-07-25 16:53:17 +0200 |
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.
This was fixed for JollaC / aquafish in SFOS 2.0.4 but jolla1 still vulnerable.
Patch and kernel-3.2-Patch are identical, so kernel-3.4-sbj should see the same fix.
file affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/netfilter/nf_conntrack_proto_generic.c lines 15-19
2 | No.2 Revision |
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.
This was fixed for JollaC / aquafish in SFOS 2.0.4 but jolla1 still vulnerable.
Patch and kernel-3.2-Patch are identical, so kernel-3.4-sbj should see the same fix.
file affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/netfilter/nf_conntrack_proto_generic.c lines 15-19
3 | No.3 Revision |
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.
This was fixed for JollaC / aquafish in SFOS 2.0.4 but jolla1 is still vulnerable.
Patch and kernel-3.2-Patch are identical, so kernel-3.4-sbj kernel-3.4-adaptation-sbj should see the same fix.
file affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/netfilter/nf_conntrack_proto_generic.c lines 15-19
4 | No.4 Revision |
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.
This was fixed for JollaC / aquafish in SFOS 2.0.4 but jolla1 is still vulnerable.
Patch and kernel-3.2-Patch are identical, so kernel-3.4-adaptation-sbj should see the same fix.
file File affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/netfilter/nf_conntrack_proto_generic.c lines 15-19
5 | No.5 Revision |
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.
This was fixed for JollaC / aquafish in SFOS 2.0.4 but jolla1 is still vulnerable.vulnerable in 2.1.3.
Patch and kernel-3.2-Patch are identical, so kernel-3.4-adaptation-sbj should see the same fix.
File affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/netfilter/nf_conntrack_proto_generic.c lines 15-19
6 | No.6 Revision |
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.
This was fixed for JollaC / aquafish in SFOS 2.0.4 but jolla1 is still vulnerable in 2.1.3.SFOS 2.1.3.7 .
Patch and kernel-3.2-Patch are identical, so kernel-3.4-adaptation-sbj should see the same fix.
File affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/netfilter/nf_conntrack_proto_generic.c lines 15-19