A divide-by-zero vulnerability was found in the __tcp_select_window function, which can result in a kernel panic, causing a local denial-of-service if panic_on_oops is enabled.
References:
http://seclists.org/oss-sec/2017/q3/389
https://marc.info/?l=linux-netdev&m=150415901823078
https://www.mail-archive.com/netdev@vger.kernel.org/msg186255.html
https://groups.google.com/forum/#!topic/syzkaller/e4SrsEBEziQ
Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=499350a5a6e7512d9ed369ed63a4244b6536f4f8
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1487703]
Statement: This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 and 7 and MRG-2. Future Linux kernel updates for the respective releases may address this issue.
This bug was fixed upstream in May and the fix is currently included in all supported Fedora releases.
This issue has been addressed in the following products: Red Hat Enterprise MRG 2, via RHSA-2017:2918: https://access.redhat.com/errata/RHSA-2017:2918
This issue has been addressed in the following products: Red Hat Enterprise Linux 7, via RHSA-2017:2930: https://access.redhat.com/errata/RHSA-2017:2930
This issue has been addressed in the following products: Red Hat Enterprise Linux 7, via RHSA-2017:2931: https://access.redhat.com/errata/RHSA-2017:2931
This issue has been addressed in the following products: Red Hat Enterprise Linux 6, via RHSA-2017:3200: https://access.redhat.com/errata/RHSA-2017:3200
This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Extended Lifecycle Support, via RHSA-2018:2172: https://access.redhat.com/errata/RHSA-2018:2172