See #151240 for POC and patch +++ This bug was initially created as a clone of Bug #151240 +++ Ben Martel and Stephen Blackheath discovered a DoS attack that a client of pppd can make that can hang the server machine. The bug is in the Linux kernel 2.6 (tested on 2.6.9), but it looks like it also exists in the 2.4 series.
The patch looks fine and should apply cleanly to our RHEL3 tree. Who will work on integration?
Dave, could you please test the patch in a recent RHEL3 tree (against the reproducer) and then post it to rhkernel-list? Since the embargo date has already passed, I don't think that there's any reason to restrict the patch visibility. Mark, would it suffice to include the fix in a U5 respin (as opposed to issuing a pre-U5 security erratum)? Thanks in advance. -ernie
Created attachment 112075 [details] RHEL3 version of PPP patch
A fix for this problem has just been committed to the RHEL3 E5 patch pool this evening (in kernel version 2.4.21-27.0.3.EL).
A fix for this problem has also been committed to the RHEL3 U5 patch pool this evening (in kernel version 2.4.21-32.EL).
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-293.html
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-294.html