Autor: Alan Datum: To: tails-dev Betreff: Re: [Tails-dev] Upgrading the Linux kernel for 1.0?
Hi,
> anonym wrote (02 Apr 2014 14:50:51 GMT) :
> > Looking at the Debian changelog for the Linux kernel it seems only
> > these changes have CVE:s:
> Thanks for the research.
> I've had a look (details below) and my conclusion is that... I'm
> unsure if it's worth taking the risk of introducing regressions in
> 1.0. Other opinions?
>
> > * nfqueue: Orphan frags in nfqnl_zcopy() and handle errors
> > (CVE-2014-2568)
>
> Info leak triggered from the LAN.
> Do you know what kind of info can leak? "sensitive information from
kernel memory" could include cryptographic keys?
> > * net: fix for a race condition in the inet frag code
> > (CVE-2014-0100)
>
> use-after-free => DoS and "possibly [...] unspecified other impact"
> Over ICMP, so generally exploitable only on the LAN.
> Requires high CPU load on the attacked system.
> This one seems worth fixing.
> [...] >
> > * skbuff: skb_segment: orphan frags before copying (CVE-2014-0131)
>
> Info leak triggered from the LAN.
>
I'd say it's worth taking the risk of regressions, at least if the two
info leak might include cryptographic information leak.