Bug 714867 (CVE-2011-2482)
Summary: | CVE-2011-2482 kernel: sctp dos | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Eugene Teo (Security Response) <eteo> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | anton, bhu, davej, dhoward, dtian, eteo, fhrbata, jkacur, jpirko, kernel-mgr, kmcmartin, lgoncalv, lwang, plougher, pmatouse, rcvalle, rt-maint, security-response-team, sforsber, tcallawa, tgraf, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Last Closed: | 2012-05-10 08:09:45 UTC | Type: | --- |
Bug Depends On: | 714869, 714870, 714871, 715599, 748680, 753002 | ||
Bug Blocks: | 731905, 889992 |
Description
Eugene Teo (Security Response)
2011-06-21 07:09:37 UTC
Upstream commit: http://git.kernel.org/linus/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d

Commit 68ef2a9129 introduced proper receive memory management but left out a chunk of upstream ea2bc483ff5 which was not needed at the time of the backport. A few months later, commit 73f34f99 backported the updated socket memory accounting which would have required the missing chunk. This resulted in the memory of the chunks on the reassembly and lobby queue not being reclaimed when migrating a socket. Also the queues are assumed to be purged later on.

Statement: This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not backport the upstream commit 3ab224be6d6. It did not affect the Linux kernels as shipped with Red Hat Enterprise Linux 6, and Red Hat Enterprise MRG as they have backported the upstream commit ea2bc483ff5 that Red Hat Enterprise Linux 5 did not. This has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2011-1212.html.

This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2011:1212 https://rhn.redhat.com/errata/RHSA-2011-1212.html

Created kernel tracking bugs for this issue. Affects: fedora-all [bug 748680]

This issue has been addressed in following products: Red Hat Enterprise Linux 5.6.Z - Server Only Via RHSA-2011:1813 https://rhn.redhat.com/errata/RHSA-2011-1813.html
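The accounting problem described in the report, as a simplified user-space model. This is an added example, not kernel code or the upstream patch; every type and function name is hypothetical, and it assumes the ordinary receive queue is re-owned correctly on migration while the reassembly and lobby queues are the part the backport missed.

```c
#include <stdio.h>
#include <stddef.h>

/* Simplified model; all names are hypothetical, none are kernel symbols. */
struct sock_model { long rmem_alloc; };              /* bytes charged to a socket */
struct buf { struct sock_model *owner; long truesize; };
enum { QLEN = 2 };
struct assoc_model { struct buf receive[QLEN], reasm[QLEN], lobby[QLEN]; };

static void charge(struct buf *b, struct sock_model *sk) {
    b->owner = sk;
    sk->rmem_alloc += b->truesize;
}
static void uncharge(struct buf *b) {
    b->owner->rmem_alloc -= b->truesize;
    b->owner = NULL;
}
/* Re-own every buffer on one queue: release the old charge, charge newsk. */
static void move_queue(struct buf *q, struct sock_model *newsk) {
    for (size_t i = 0; i < QLEN; i++) {
        uncharge(&q[i]);
        charge(&q[i], newsk);
    }
}
/* include_pending = 0 models the backport without the missing chunk:
 * reassembly and lobby buffers keep their charge on the old socket. */
static void migrate(struct assoc_model *a, struct sock_model *newsk, int include_pending) {
    move_queue(a->receive, newsk);
    if (include_pending) {
        move_queue(a->reasm, newsk);
        move_queue(a->lobby, newsk);
    }
}
/* Returns the bytes still charged to the old socket after migration. */
long leftover_after_migrate(int include_pending) {
    struct sock_model oldsk = {0}, newsk = {0};
    struct assoc_model a;
    struct buf *qs[] = { a.receive, a.reasm, a.lobby };
    for (size_t q = 0; q < 3; q++)
        for (size_t i = 0; i < QLEN; i++) {
            qs[q][i].truesize = 512;                 /* constructed sample size */
            charge(&qs[q][i], &oldsk);
        }
    migrate(&a, &newsk, include_pending);
    return oldsk.rmem_alloc;
}
int main(void) {
    printf("stranded on old socket: without chunk=%ld, with chunk=%ld\n",
           leftover_after_migrate(0), leftover_after_migrate(1));
}
```

A non-zero remainder on the old socket is the invariant violation to look for: a socket's receive-memory counter should return to zero once nothing it owns is queued.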