Bug 200762 - CVE-2006-3468 Bogus FH in NFS request causes DoS in file system code
Summary: CVE-2006-3468 Bogus FH in NFS request causes DoS in file system code
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kernel
Version: 3.0
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Eric Sandeen
QA Contact: Brian Brock
URL:
Whiteboard: impact=moderate,source=lkml,reported=...
Depends On:
Blocks:
Reported: 2006-07-31 15:10 UTC by Marcel Holtmann
Modified: 2007-11-30 22:07 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-03-20 20:53:13 UTC
Target Upstream Version:
Embargoed:



Description Marcel Holtmann 2006-07-31 15:10:46 UTC
Reported by James McKenzie on LKML:

http://bugzilla.kernel.org/show_bug.cgi?id=6828

Bug #199172 describes the possibility of corrupting an ext2/ext3 filesystem
which is exported over NFS via bad packets.

In the case of RHEL4 the filesystem will be remounted read-only and marked as
dirty. In the case of RHEL3 only an error message occurs and it continues. However
it still seems possible to corrupt the filesystem.

Comment 5 Ernie Petrides 2006-09-08 23:43:38 UTC
Hi, Marcel.  Could you please downgrade the security impact of this BZ
against RHEL3 to "low", since nothing more serious than a console message
occurs?  (This is further mitigated by the fact that unprivileged users
cannot recreate the problem at will.)

Comment 6 Marcel Holtmann 2006-09-09 06:02:24 UTC
Downgraded the security impact to moderate. With the default mount options for
ext2 and ext3 this issue only results in showing additional console messages. If
the exported filesystem has been mounted with the options to remount read-only
or panic then this poses a security threat.


Comment 9 Marcel Holtmann 2007-03-20 20:53:13 UTC
Closing this bug now as NOTABUG, because of the compatibility concerns and due
to the fact that the default settings are safe. A user has to explicitly specify
the remount read-only option to make the system vulnerable.
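
The condition described in comments 6 and 9 can be audited on an NFS server. The script below is an added example, not part of the bug report or of any Red Hat tooling: it lists exported paths that sit on an ext2/ext3 mount carrying `errors=remount-ro` or `errors=panic`. The function names, sample paths and addresses are constructed for illustration, and it assumes the mount table uses the `/proc/mounts` field layout.

```shell
#!/bin/sh
# Added example: flag NFS exports backed by ext2/ext3 mounted with a
# non-default errors= behaviour (remount-ro or panic).
# audit_exports MOUNTS_FILE EXPORTS_FILE -> "export mountpoint fstype errors=..."
audit_exports() {
    awk '
        # First file (mount table): device mountpoint fstype options ...
        FILENAME == ARGV[1] {
            fstype[$2] = $3; mode[$2] = ""
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++)
                if (opt[i] == "errors=remount-ro" || opt[i] == "errors=panic")
                    mode[$2] = opt[i]
            next
        }
        /^[ \t]*#/ || /^[ \t]*$/ { next }   # exports: skip comments and blanks
        {
            # The longest mount point that prefixes the export path backs it.
            best = ""
            for (mp in fstype) {
                prefix = (mp == "/") ? "/" : (mp "/")
                if (index($1 "/", prefix) == 1 && length(mp) > length(best))
                    best = mp
            }
            if (best == "") next
            risky = (fstype[best] == "ext2" || fstype[best] == "ext3")
            if (risky && mode[best] != "")
                print $1, best, fstype[best], mode[best]
        }
    ' "$1" "$2"
}

# Constructed sample data (not taken from the bug report).
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/mounts" <<'EOF'
/dev/sda1 / ext3 rw,errors=remount-ro 0 0
/dev/sdb1 /srv/nfs ext3 rw 0 0
/dev/sdc1 /srv/scratch ext2 rw,errors=panic 0 0
EOF
    cat > "$tmp/exports" <<'EOF'
# constructed exports(5) entries
/srv/nfs        192.0.2.0/24(rw,sync)
/srv/scratch    192.0.2.0/24(rw,sync)
/home           192.0.2.0/24(ro)
EOF
    audit_exports "$tmp/mounts" "$tmp/exports"
    rm -rf "$tmp"
}
demo
```

On a live server the call would be `audit_exports /proc/mounts /etc/exports`. It only sees `errors=` values present in the mount option field; an error behaviour stored in the superblock with `tune2fs -e` is a separate check.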


