Red Hat Bugzilla – Bug 142730
CAN-2004-1016 CMSG validation checks
Last modified: 2013-08-05 21:10:46 EDT
isec.pl reported to vendor-sec on 20041125 a DoS caused
by scm_send with exploiter that they say affects 2.4.28.
Also reported by Georgi Guninski on Dec08.
Fixed upstream in 2.6.10-rc3 and 2.4-bk.
Both changesets required. See bug 142729 for reproducer etc.
A fix for this problem has just been committed to the RHEL2.1 E7
patch pool (in kernel version 2.4.9-e.58).
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.