Linux Kernel DCCP Message Processing Memory Corruption Vulnerability

Linux Kernel DCCP Message Processing Memory Corruption Vulnerability

Release date:
Updated on:

Affected Systems:
Linux kernel 3.4.x
Linux kernel 3.2.x
Linux kernel 3.13.x
Linux kernel 3.12.x
Linux kernel 3.10.x
Linux kernel 2.6.x
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2014-2523

Linux Kernel is the Kernel of the Linux operating system.

Linux Kernel 2.6.32.61, 3.2.55, 3.4.83, 3.10.33, 3.12.14, 3.13.6 in "dccp_new ()", "dccp_packet ()", "dccp_error () "a security vulnerability exists in the implementation of functions (net/netfilter/nf_conntrack_proto_dccp.c). Malicious users can use specially crafted DCCP data packets to destroy the kernel stack and execute arbitrary code without the core permission.

<* Source: vendor

Link: http://secunia.com/advisories/57446/
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.kernel.org/
Http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit? Id = b22f5126a24b

Linux Kernel: click here
Linux Kernel: click here

The Linux kernel replaces iptables with nftables

Linux 3.12 code Suicidal Squirrel

How to install Linux 3.11 Kernel on Ubuntu

The Ubuntu 13.10 (Saucy Salamander) Kernel has been upgraded to Linux Kernel 3.10 RC5

Linux Kernel 3.4.62 LTS is now available for download

How to install Linux kernel 13.10 On Ubuntu 3.12