Description Eugene Teo (Security Response)
2009-12-18 01:25:29 UTC
Victor Julien originally discovered that there is a way to crash the Linux kernel by sending it a single IPv6 packet.
1) The CVE-2007-4567 issue was reported to Red Hat in September 2007. Red Hat Enterprise Linux 5 was found not to be affected.
2) On December 18, 2009, a customer reported to us that Red Hat Enterprise Linux 5 was vulnerable to CVE-2007-4567.
3) Investigations showed that the issue was introduced in the RHBA-2008-0314 update on May 21, 2008 via a backport of a collection of patches for DoD IPv6 conformance.
4) Updates were released on January 7, 2010 for Red Hat Enterprise Linux 5, resolving CVE-2007-4567.
Note that the Linux kernels as shipped with Red Hat Enterprise Linux 3, 4, and Red Hat Enterprise MRG are not affected.
Upstream commit:
http://git.kernel.org/linus/e76b2b2567b83448c2ee85a896433b96150c92e6
Reference:
http://rhn.redhat.com/errata/RHBA-2008-0314.html
https://rhn.redhat.com/errata/RHSA-2010-0019.html