If an extent exists which includes the block right before the maximum file offset, and the block for the maximum file offset is written, the kernel panics. For 4KB block size, the problem only occurs on x86_64 architecture. For 1KB or 2KB block size, the problem occurs on both i386 and x86_64. Local unprivileged users can use this flaw to crash the system when ext4 filesystem is in use. Upstream fix: http://git.kernel.org/linus/f17722f917b2f21497deb6edc62fb1683daa08e6 References: http://www.spinics.net/lists/linux-ext4/msg25697.html
Statement: This has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1386.html, https://rhn.redhat.com/errata/RHSA-2011-1189.html, and https://rhn.redhat.com/errata/RHSA-2011-1253.html. This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not include support for EXT4 filesystem.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:1189 https://rhn.redhat.com/errata/RHSA-2011-1189.html
This issue has been addressed in following products: MRG for RHEL-6 v.2 Via RHSA-2011:1253 https://rhn.redhat.com/errata/RHSA-2011-1253.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2011:1386 https://rhn.redhat.com/errata/RHSA-2011-1386.html
This issue has been addressed in rhel-6.1.z via RHSA-2011:1189 https://rhn.redhat.com/errata/RHSA-2011-1189.html