Red Hat Bugzilla – Bug 168925
CVE-2005-2709 More sysctl flaws
Last modified: 2007-11-30 17:07:08 EST
sysctls go away on network interfaces being removed. Which includes
not only ppp et al., but all sorts of tunnels, etc. IOW, you can
wait for it to happen - in a lot of setups it will. And in case of
e.g. ipv4 sysctls we are talking about >2Kb allocated on amd64, so
kmalloc() will pick full pages for each (per-interface) set of sysctls...
Thanks for the info, Al. Reassigning.
Patch posted 11/23 - security issue - moving to canfix list.
A fix for this problem has just been committed to the RHEL3 U7
patch pool this evening (in kernel version 2.4.21-37.12.EL).
A fix for this problem has also been committed to the RHEL3 E7
patch pool this evening (in kernel version 2.4.21-37.0.1.EL).
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.