It was found that on certain system slow path in __net_get_random_once() was never taken, which lead to insufficient initialization of various seed values, among others affecting randomness of IP IDs, TCP sequence numbers, and ephemeral port numbers. Upstream fix: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3d4405226d27b3a215e4d03cfa51f536244e5de7
Statement: Not vulnerable. This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2.
Current fedora19 kernel is 3.14.19-100.fc19, which appears potentially affected by this bug. None of the linux-stable trees appear to contain that commit. (F19 is not quite dead yet.)
(In reply to Frank Ch. Eigler from comment #2) > Current fedora19 kernel is 3.14.19-100.fc19, which appears > potentially affected by this bug. None of the linux-stable > trees appear to contain that commit. (F19 is not quite dead yet.) 3.14 stable does contain the fix. And Fedora 19 as well, because it's based on 3.14 stable. See https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/log/include/linux/net.h?id=refs/tags/v3.14.19 last commit from Hannes. I've also checked 3.14.19-100.fc19 and it does contain the fix.