It was found that in the Linux kernel v4.2-rc1 to v4.3-rc1 a use of uninitialized 'n_proto', 'ip_proto' and 'thoff' variables in __skb_flow_dissect() function can lead to a remote denial-of-service via malformed MPLS packet. Reference: http://seclists.org/oss-sec/2017/q3/345 Introduced by: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3baa0fbd02a1a9d493d8cb92ae4a4491b9e9d13 Fixed by: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a6e544b0a88b53114bfa5a57e21b7be7a8dfc9d0 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34fad54c2537f7c99d07375e50cb30aa3c23bd83 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c9b8af1330198ae241cd545e1f040019010d44d9
Statement: This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2 as the code with the flaw is not present or is already fixed in the products listed.