Wei Wang of McAfee Avert Labs discovered a security problem in kernel's ASN.1
decoder affecting CIFS and ip_nat_snmp_basic modules:
Due to an error in two linux kernel modules, cifs filesytem and
ip_nat_snmp_basic in the ASN.1 decoder when handling length BER
encodings, This flaw can be remotely exploited by remote attackers to
cause a vulnerable system to hang or even to execute arbitrary code in
Since cifs and ip_nat_snmp_basic kernel module are using the same ASN1.1
decoder which was derived from the gxsnmp package . So, gxsnmp is also
Fixed upstream in 220.127.116.11 and 18.104.22.168:
kernel-22.214.171.124-27.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2, 3, 4, 5 or Red Hat Enterprise MRG.
The bug existed on Red Hat Enterprise Linux 3, 4, and 5. However, this is only a security issue if the SLOB or SLUB memory allocators were used (introduced in Linux kernel versions 2.6.16 and 2.6.22, respectively). All Red Hat Enterprise Linux and Red Hat Enterprise MRG kernels use the SLAB memory allocator, which in this case, cannot be exploited to allow arbitrary code execution. As a preventive measure, the underlying bug was addressed in Red Hat Enterprise Linux 3, 4, and 5, via the advisories RHSA-2008:0973, RHSA-2008:0508, and RHSA-2008:0519, respectively.
Updated: Sept 8th, 2009.