Bug 703011 (CVE-2011-1770)
Summary: | CVE-2011-1770 kernel: dccp: handle invalid feature options length | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Eugene Teo (Security Response) <eteo> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | arozansk, bhu, bressers, dhoward, fhrbata, jkacur, kernel-mgr, kmcmartin, lgoncalv, lwang, plougher, rkhan, rt-maint, sforsber, tcallawa, vgoyal, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-07-29 12:44:50 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 703012, 703013, 703014 | ||
Bug Blocks: |
Description
Eugene Teo (Security Response)
2011-05-09 01:37:33 UTC
Statement: This issue does not affect Red Hat Enterprise Linux 4 and 5: Red Hat Enterprise Linux 4 does not provide support for the Datagram Congestion Control Protocol (DCCP), and Red Hat Enterprise Linux 5, which does support DCCP, did not backport the upstream commit that introduced this issue, e77b8363b. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0836.html and https://rhn.redhat.com/errata/RHSA-2011-1253.html. This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0836 https://rhn.redhat.com/errata/RHSA-2011-0836.html Upstream commit: http://git.kernel.org/linus/a294865978b701e4d0d90135672749531b9a900d This issue has been addressed in following products: MRG for RHEL-6 v.2 Via RHSA-2011:1253 https://rhn.redhat.com/errata/RHSA-2011-1253.html |