[Bug 1415507] Re: CVE-2013-7421

John Johansen Wed, 04 Mar 2015 14:51:06 -0800

** Changed in: linux (Ubuntu Trusty)
       Status: New => Fix Committed


** Changed in: linux (Ubuntu Utopic)
       Status: New => Fix Committed

** Description changed:

- Linux kernel crypto api unprivileged arbitrary module load
+ The Crypto API in the Linux kernel before 3.18.5 allows local users to
+ load arbitrary kernel modules via a bind system call for an AF_ALG
+ socket with a module name in the salg_name field, a different
+ vulnerability than CVE-2014-9644.
  
  Break-Fix: 03c8efc1ffeb6b82a22c1af8dd908af349563314 
5d26a105b5a73e5635eae0629b42fa0a90e07b7b
  Break-Fix: 03c8efc1ffeb6b82a22c1af8dd908af349563314 
3e14dcf7cb80b34a1f38b55bc96f02d23fdaaaaf

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1415507

Title:
  CVE-2013-7421

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1415507/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1415507] Re: CVE-2013-7421

Reply via email to