From MOKB-14-11-2006: http://projects.info-pull.com/mokb/MOKB-14-11-2006.html Failure to handle mounting of corrupt filesystem streams may lead to a local denial of service condition when SELinux hooks are enabled. This particular vulnerability is caused by a null pointer dereference in the superblock_doinit function.
Not an SELinux problem. It's a problem in HFS return codes from failure. Already fixed upstream by Eric Sandeen. Will discuss which of us should own the local bug (we both know the fix just fine)
committed in stream U5 build 42.31. A test kernel with this patch is available from http://people.redhat.com/~jbaron/rhel4/
committed in stream E5 build 42.0.4
verified using the MOKB hfs image.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2007-0014.html