The guys over at SuSE have released an updated kernel of theirs today addressing issues in the networking code: From the suse-security-announce at suse.com list: ------- snip -------- 1) problem description, brief discussion, solution, upgrade information During the last weeks a couple of security relevant fixes have been accumulated for the kernel. These fix local vulnerabilities and remote DoS conditions. The list of the fixed vulnerabilities is as follows: - fix for a possible denial of service attack (DoS) in the routing code - fix for a possible attack of an unpriviledged user via ioport - fix for a re-binding problem of UDP port 2049 (NFS) sockets - fix for a kernel panic with pptpd when mss > mtu - fix for console redirect bug - fix for the execve() file read race vulnerability - fix for several race conditions in procfs - fix for possible DoS in netfilter code - fix for possible DoS in NFSv3 code ------- snip -------- Possibly some of these patches could be useful for the gentoo-sources, some of them may have already been included in the gentoo-sources. What I propose is considering whether these security patches concerning network code from ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/kernel-source-2.4.20.SuSE-100.i586.patch.rpm (file from 12. August 2003 at time of writing) are worth going into gentoo-sources or not. Reproducible: Always Steps to Reproduce: 1. 2. 3.
- fix for possible DoS in netfilter code has probably been fixed by gentoo-sources 2.4.20-r6, not sure about the other ones
This bug was fixed and a GLSA went out. http://forums.gentoo.org/viewtopic.php?t=75555