Linux kernel built with the TCP/IP networking support(CONFIG_NET) is vulnerable
to a NULL pointer dereference flaw. It could occur via a plain read(2) call on
a ping socket. Usage of ping sockets is generally restricted to privileged
A user/program able to read from ping sockets could use this flaw to crash a
system resulting in DoS.
This issue does not affect the versions of the kernel package as shipped with
Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.
Red Hat would like to thank Mr Hannes Frederic Sowa for reporting this issue.