First published: Wed Jan 14 2015(Updated: )
It was reported [1] that iptables can allow protocols that do not have a protocol handler kernel module loaded. Given following iptables ruleset: -P FORWARD DROP -A FORWARD -m sctp --dport 9 -j ACCEPT -A FORWARD -p tcp --dport 80 -j ACCEPT -A FORWARD -p tcp -m conntrack -m state ESTABLISHED,RELATED -j ACCEPT One would assume that this allows SCTP on port 9 and TCP on port 80. Unfortunately, if the SCTP conntrack module is not loaded, this allows *all* SCTP communication to pass through, i.e. -p sctp -j ACCEPT [1]: <a href="http://www.spinics.net/lists/netfilter-devel/msg33430.html">http://www.spinics.net/lists/netfilter-devel/msg33430.html</a>
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | <3.18 | |
openSUSE | =13.1 | |
SUSE Linux Enterprise Desktop with Beagle | =12 | |
SUSE Linux Enterprise Real Time Extension | =11-sp3 | |
SUSE Linux Enterprise Server | =11-sp1 | |
SUSE Linux Enterprise Server | =12 | |
SUSE Linux Enterprise Software Development Kit | =12 | |
SUSE Linux Enterprise Workstation Extension | =12 | |
redhat enterprise Linux desktop | =6.0 | |
redhat enterprise Linux desktop | =7.0 | |
redhat enterprise Linux server | =6.0 | |
redhat enterprise Linux server | =7.0 | |
redhat enterprise Linux server aus | =6.5 | |
redhat enterprise Linux server aus | =6.6 | |
redhat enterprise Linux server aus | =7.3 | |
redhat enterprise Linux server aus | =7.6 | |
redhat enterprise Linux server eus | =6.5 | |
redhat enterprise Linux server eus | =6.6 | |
redhat enterprise Linux server eus | =7.3 | |
redhat enterprise Linux server eus | =7.4 | |
redhat enterprise Linux server eus | =7.5 | |
redhat enterprise Linux server eus | =7.6 | |
redhat enterprise Linux server eus | =7.7 | |
redhat enterprise Linux server tus | =6.5 | |
redhat enterprise Linux server tus | =6.6 | |
redhat enterprise Linux server tus | =7.6 | |
redhat enterprise Linux server tus | =7.7 | |
redhat enterprise Linux workstation | =6.0 | |
redhat enterprise Linux workstation | =7.0 | |
Debian GNU/Linux | =7.0 | |
Debian GNU/Linux | =8.0 | |
Ubuntu Linux | =12.04 | |
Ubuntu Linux | =14.04 | |
Ubuntu Linux | =14.10 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.13-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2014-8160 is considered a medium severity vulnerability due to its impact on network traffic filtering.
To fix CVE-2014-8160, update to the latest patched version of the affected Linux kernel or iptables.
CVE-2014-8160 affects various Linux distributions including Debian, Ubuntu, and Red Hat, particularly those running specified versions of the Linux kernel.
CVE-2014-8160 is a vulnerability in the iptables firewall implementation related to the handling of unsupported protocols.
Yes, CVE-2014-8160 can potentially be exploited remotely if the iptables rules are not correctly configured, allowing unauthorized traffic.