Bug 237905

Summary: Infinite recursion in netlink (security issue)
Product: Red Hat Enterprise Linux 5 Reporter: James Morris <jmorris>
Component: kernelAssignee: Red Hat Kernel Manager <kernel-mgr>
Status: CLOSED DUPLICATE QA Contact: Martin Jenner <mjenner>
Severity: high Docs Contact:
Priority: high    
Version: 5.0CC: davej, davem, security-response-team
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-04-26 15:15:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description James Morris 2007-04-25 23:02:11 UTC 
For details, see upstream thread:
http://marc.info/?t=117752881400003&r=1&w=2
(also includes patch)


RHEL4 and previous are not vulnerable, no fix is needed for
them because they completely lack this feature and this code.

Although initially reported on stable, the patch
and resulting discussion happened on netdev.org
so this bug is fully public knowledge.
Comment 1 James Morris 2007-04-25 23:04:01 UTC 
Fedora kernels may be affected (any kernel since Jun 20th, 2005).
Comment 3 Marcel Holtmann 2007-04-26 15:15:57 UTC 

*** This bug has been marked as a duplicate of 237913 ***