Two similar issues:

1) Reported by Jay Fenlason and Doug Ledford: recvfrom() on an RDS socket can disclose sizeof(struct sockaddr_storage)-sizeof(struct sockaddr_in) bytes of kernel stack to userspace when receiving a datagram.

2) Reported by Jay Fenlason: recv{from,msg}() on an RDS socket can disclose sizeof(struct sockaddr_storage) bytes of kernel stack to userspace when other code paths are taken.
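The disclosure pattern described in the comment above, as an added example that is not part of the original bug report and is not kernel code: a userspace C model with hypothetical names (`model_msg`, `model_recv`, `stale_bytes_disclosed`). It assumes the caller copies out `namelen` bytes of a scratch `sockaddr_storage`, and that a hardened handler reports only the bytes it actually wrote.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

#define STALE 0xA5 /* constructed marker standing in for leftover stack data */
/* Hypothetical stand-in for the message header a receive handler sees. */
struct model_msg {
    struct sockaddr_storage *name; /* caller's scratch address buffer */
    size_t namelen;                /* bytes the caller will copy to the user */
};

/* Model handler; has_dgram=0 models code paths that write no address. */
static void model_recv(struct model_msg *m, int has_dgram, int hardened)
{
    if (hardened)
        m->namelen = 0;            /* nothing is valid until it is filled in */
    if (!has_dgram)
        return;
    struct sockaddr_in *sin = (struct sockaddr_in *)m->name;
    memset(sin, 0, sizeof(*sin));
    sin->sin_family = AF_INET;
    sin->sin_port = htons(4000);   /* constructed sample values */
    sin->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (hardened)
        m->namelen = sizeof(*sin); /* report only what was written */
}

/* Model caller: returns how many stale scratch bytes reach the user buffer. */
size_t stale_bytes_disclosed(int has_dgram, int hardened)
{
    struct sockaddr_storage scratch;
    unsigned char user[sizeof(scratch)] = {0};
    struct model_msg m = { &scratch, sizeof(scratch) };
    size_t i, n = 0;
    memset(&scratch, STALE, sizeof(scratch)); /* simulate uninitialized stack */
    model_recv(&m, has_dgram, hardened);
    memcpy(user, &scratch, m.namelen);        /* the copy-out to userspace */
    for (i = 0; i < m.namelen; i++)
        n += (user[i] == STALE);
    return n;
}

int main(void)
{
    printf("unfixed: %zu and %zu stale bytes; hardened: %zu and %zu\n",
           stale_bytes_disclosed(1, 0), stale_bytes_disclosed(0, 0),
           stale_bytes_disclosed(1, 1), stale_bytes_disclosed(0, 1));
    return 0;
}
```

In the unfixed model the two counts correspond to cases 1) and 2) above; in the hardened model both are zero.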
Statement:

The Red Hat Security Response Team has rated this issue as having low security impact. A future kernel update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Created kernel tracking bugs for this issue

Affects: fedora-all [bug 843554]
Upstream commit: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=06b6a1cf6e776426766298d055bb3991957d90a7
kernel-3.4.7-1.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
Acknowledgements: This issue was discovered by the Red Hat InfiniBand team.
This issue has been addressed in the following products:

Red Hat Enterprise Linux 6

Via RHSA-2012:1304 https://rhn.redhat.com/errata/RHSA-2012-1304.html
The statement from Petr Matousek on July 29th states that RHEL 5 is affected by this issue. Is there any current release or estimated release date for the RHEL 5 resolution/fix?
(In reply to comment #15)
> The statement from Petr Matousek on July 29th states that RHEL 5 is affected
> by this issue. Is there any current release or estimated release date for
> the RHEL 5 resolution/fix?

Hello, Gary.

Today we are going to release a regular kernel update for Red Hat Enterprise Linux 5 that fixes this issue.

Best regards,
--
Petr Matousek / Red Hat Security Response Team
This issue has been addressed in the following products:

Red Hat Enterprise Linux 5

Via RHSA-2012:1323 https://rhn.redhat.com/errata/RHSA-2012-1323.html
This issue has been addressed in the following products:

MRG for RHEL-6 v.2

Via RHSA-2012:1491 https://rhn.redhat.com/errata/RHSA-2012-1491.html