Re: [Tails-dev] Upgrading the Linux kernel for 1.0?

This message is part of the following thread:
Mthe complete thread tree sorted by date
M\intrigeri at <-
MMJacob Appelbaum at ->
Delete this message

Reply to this message
Author: Alan
Date:  
To: tails-dev
Subject: Re: [Tails-dev] Upgrading the Linux kernel for 1.0?
Hi,

> anonym wrote (02 Apr 2014 14:50:51 GMT) :
> > Looking at the Debian changelog for the Linux kernel it seems only
> > these changes have CVE:s:
>
Thanks for the research.

> I've had a look (details below) and my conclusion is that... I'm
> unsure if it's worth taking the risk of introducing regressions in
> 1.0. Other opinions?
>
> > * nfqueue: Orphan frags in nfqnl_zcopy() and handle errors
> > (CVE-2014-2568)
>
> Info leak triggered from the LAN.
>
Do you know what kind of info can leak? "sensitive information from
kernel memory" could include cryptographic keys?

> > * net: fix for a race condition in the inet frag code
> > (CVE-2014-0100)
>
> use-after-free => DoS and "possibly [...] unspecified other impact"
> Over ICMP, so generally exploitable only on the LAN.
> Requires high CPU load on the attacked system.
> This one seems worth fixing.
>
[...]
>
> > * skbuff: skb_segment: orphan frags before copying (CVE-2014-0131)
>
> Info leak triggered from the LAN.
>

I'd say it's worth taking the risk of regressions, at least if the two
info leak might include cryptographic information leak.

Cheers

This message was posted to the following mailing lists:
tails-dev
Mailing List Info | Nearby Messages		<-Re: [Tails-dev] Help needed/wished for 1.1 (Wheezy) tasks[Tails-dev] Please review and merge tails-greeter:bugfix/6959-persistent_printers->
lists.autistici.org administrated by postmasterLurker (version 2.3)