Red Hat Bugzilla – Bug 326251
CVE-2007-5001 kernel asynchronous IO on a FIFO kernel panic
Last modified: 2010-12-21 12:10:10 EST
Using asynchronous IO on a FIFO causes RHEL 3U9 to kernel panic.
(Does not occur in RHEL 4 as the pipe_write function has been re-written)
This is a security issue because a local unprivileged user can cause a kernel panic.
Reproducer in bz#311621
This issue posted on 2008-06-05 to upstream security list. Reviewed and
confirmed by Don Howard and Josef Bacik, this issue not present in upstream
vanilla 2.4.21 kernel -> lifting the embargo for this one.
This was addressed via:
Red Hat Enterprise Linux version 3 (RHSA-2008:0211)