Due to the way the Linux kernel handles the creation of IPv6 temporary addresses a malicious LAN user can remotely disable them altogether which may lead to privacy violations and information disclosure. Reference: -> http://seclists.org/oss-sec/2012/q4/292 -> http://seclists.org/oss-sec/2013/q1/92
Upstream commit: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=4b08a8f1bd8cb4541c93ec170027b4d0782dab52
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 999380]
kernel-3.10.9-100.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
kernel-3.10.9-200.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2013:1449 https://rhn.redhat.com/errata/RHSA-2013-1449.html
This issue has been addressed in following products: MRG for RHEL-6 v.2 Via RHSA-2013:1490 https://rhn.redhat.com/errata/RHSA-2013-1490.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:1645 https://rhn.redhat.com/errata/RHSA-2013-1645.html
Statement: (none)