Red Hat Bugzilla – Bug 121314
CAN-2004-0424 Linux kernel setsockopt MCAST_MSFILTER integer overflow
Last modified: 2007-11-30 17:07:01 EST
Reported to bugtraq on April 20th, a security vulnerability has been
found in the Linux kernel in the ip_setsockopt() function code which
can allow privilege escalation. Code affects kernel versions 2.4.22 -
2.4.25, 2.6.1 - 2.6.3. It also affects the kernel shipped with Red
Hat Enterprise Linux 3 which contained a backported version of the
A RHSA-2003:183 is in progress and currently in QA.
The fixes for this problem have been committed to the E2 patch pool
(in kernel version 2.4.21-9.0.3.EL) and also to the U2 patch pool
(in kernel version 2.4.21-15.EL).
An errata has been issued which should help the problem described in this bug report.
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen
this bug report if the solution does not work for you.