Описание
Security update for conntrack-tools
Fix a possible crash if conntrackd sees DCCP, SCTP and ICMPv6 traffic and the corresponding kernel modules that track this traffic are not available. (bsc#942149, CVE-2015-6496)
Список пакетов
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
conntrack-tools-1.4.2-5.2
libnetfilter_cthelper0-1.0.0-7.1
libnetfilter_cttimeout1-1.0.0-9.1
SUSE Linux Enterprise High Availability Extension 12
conntrack-tools-1.4.2-5.2
libnetfilter_cthelper0-1.0.0-7.1
libnetfilter_cttimeout1-1.0.0-9.1
SUSE Linux Enterprise Software Development Kit 12
libnetfilter_cthelper-devel-1.0.0-7.1
libnetfilter_cthelper0-1.0.0-7.1
libnetfilter_cttimeout-devel-1.0.0-9.1
libnetfilter_cttimeout1-1.0.0-9.1
Ссылки
- Link for SUSE-SU-2015:1545-1
- E-Mail link for SUSE-SU-2015:1545-1
- SUSE Security Ratings
- SUSE Bug 942149
- SUSE Bug 944339
- SUSE CVE CVE-2015-6496 page
Описание
conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that the optional kernel modules are loaded before using them, which allows remote attackers to cause a denial of service (crash) via a (1) DCCP, (2) SCTP, or (3) ICMPv6 packet.
Затронутые продукты
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:conntrack-tools-1.4.2-5.2
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:libnetfilter_cthelper0-1.0.0-7.1
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5:libnetfilter_cttimeout1-1.0.0-9.1
SUSE Linux Enterprise High Availability Extension 12:conntrack-tools-1.4.2-5.2
Ссылки
- CVE-2015-6496
- SUSE Bug 942149