Bug 165565
| Summary: | CVE-2005-2456 IPSEC overflow | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 3 | Reporter: | Mark J. Cox <mjc> |
| Component: | kernel | Assignee: | John W. Linville <linville> |
| Status: | CLOSED ERRATA | QA Contact: | Brian Brock <bbrock> |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | 3.0 | CC: | davem, linville, lwang, peterm, petrides, security-response-team |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | impact=important,public=20050725,source=lkml,reported=20050725 | ||
| Fixed In Version: | RHSA-2005-663 | Doc Type: | Bug Fix |
| Last Closed: | 2005-09-28 15:31:02 UTC | Type: | --- |
| Bug Blocks: | 156320 | ||
Description
Mark J. Cox
2005-08-10 14:38:51 UTC
Mark, please correct the first link in the initial comment. That one refers to some unrelated upstream change. Thanks in advance. I believe you mean http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a4f1bac62564049ea4718c4624b0fadc9f597c84 -Kurt

Something strangely filtered the - http://linux.bkbits.net:8080/linux-2.6/cset@42e6bc85npULs5heBLcOs_2M2z-CpQ

John, do you have any time to look at this? DaveM says he can't address it until the end of next week, and we're considering a U6 respin before then.

Mark, do you have any information on how to reproduce this problem? The patch seems obvious enough.

I have test kernels available here: http://people.redhat.com/linville/kernels/rhel3/ Is anyone in a position to test against an exploit? Ernie, how soon do you need this for a respin?

John, Mark is not in a position to test kernel fixes. So you'd need to recreate the problem from the info available and then verify that the fix addresses the problem. We're considering a mid-week target for the U6 respin, which means it would be desirable to have all relevant patches posted by end-of-day tomorrow.

Reverting to ASSIGNED state. Fix is on target for next RHEL3 U6 respin.

A fix for this problem has just been committed to the RHEL3 U6 patch pool this evening (in kernel version 2.4.21-35.EL).

An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-663.html