The URL field links to a full analysis of the bug which, for the time being, remains visible via Google webcache. Here is an excerpt: "... we have identified a problem with Linux kernel, the result of which was that secret random seed values (e.g., net_secret, syncookie_secret, inet_ehash_secret, etc.) were never initialized on some systems. This would mean that values such as IP IDs, TCP sequence numbers, and ephemeral port numbers become far more easily predictable than they should be. Affected systems would be vulnerable to a number of attacks." Linux 3.13 and 3.14 are reported to be affected. This is the commit that introduced the bug: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a48e429 This is the commit that fixes it: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/include/linux/net.h?id=3d44052
I looked into it further and found that it was fixed in 3.14.5 but not during the lifespan of 3.13. That places gentoo-sources off the hook so I'm not sure if there's anything to do here.
Please make this bug public, then close.
Fixed in 3.15
