[USN-395-1] Linux kernel vulnerabilities
Martin Marcher
martin.marcher at openforce.com
Thu Dec 14 20:41:23 UTC 2006
Am 14.12.2006 um 21:07 schrieb Chuck Peters:
> On 12/13/06, Martin Pitt <martin.pitt at canonical.com> wrote:
>> ===========================================================
>> Ubuntu Security Notice USN-395-1 December 13, 2006
> ===========================================================
>> Details follow:
>>
>> Mark Dowd discovered that the netfilter iptables module did not
>> correcly handle fragmented packets. By sending specially crafted
>> packets, a remote attacker could exploit this to bypass firewall
>> rules. This has only be fixed for Ubuntu 6.10; the corresponding fix
>> for Ubuntu 5.10 and 6.06 will follow soon. (CVE-2006-4572)
>
> Any ETA or suggested work arounds for dapper users?
download a kernel from org
use the config provided by ubuntu
done
I have honestly no Idea which patches are in a ubuntu kernel, the
other option I'd try would be to get a kernel source package from
6.10 and compile it with the config from the version you are using,
that should also fix it
hth
martin
More information about the ubuntu-users
mailing list