Linux kernel built with a Gigabit Ethernet device support(CONFIG_QETH) is vulnerable to a buffer overflow flaw. It could occur while doing an ioctl(SIOC_QETH_ADP_SET_SNMP_CONTROL) call. A user/program could use this flaw to crash the kernel resulting in DoS or potentially escalate user privileges on a system. Upstream fix: ------------- -> http://git.kernel.org/linus/6fb392b1a63ae36c31f62bc3fc8630b49d602b62 Reference: ---------- -> http://seclists.org/oss-sec/2013/q4/330
Statement: This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise MRG 2. Please note that this issue only affects s390x architecture.
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2014:0159 https://rhn.redhat.com/errata/RHSA-2014-0159.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6.4 EUS - Server and Compute Node Only Via RHSA-2014:0284 https://rhn.redhat.com/errata/RHSA-2014-0284.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0285 https://rhn.redhat.com/errata/RHSA-2014-0285.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5.9 EUS - Server Only Via RHSA-2014:0476 https://rhn.redhat.com/errata/RHSA-2014-0476.html