265177 – (CVE-2009-1243) Kernel: 2.6.29 net/ipv4/udp.c "udp seq_file infrastructure" DOS (CVE-2009-1243)

Bug 265177 (CVE-2009-1243) - Kernel: 2.6.29 net/ipv4/udp.c "udp seq_file infrastructure" DOS (CVE-2009-1243)

Summary: Kernel: 2.6.29 net/ipv4/udp.c "udp seq_file infrastructure" DOS (CVE-2009-1243)

Status:	RESOLVED FIXED

Alias:	CVE-2009-1243

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://git.kernel.org/?p=linux/kernel...
Whiteboard:	[linux >= 2.6.29 <2.6.29.1] [gp >=2.6...
Keywords:

Depends on:
Blocks:

Reported:	2009-04-06 22:40 UTC by Stefan Behte (RETIRED)
Modified:	2013-09-12 04:54 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Behte (RETIRED) gentoo-dev

2009-04-06 22:40:33 UTC

CVE-2009-1243 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1243):
  net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an
  unlocking step in certain incorrect circumstances, which allows local
  users to cause a denial of service (panic) by reading zero bytes from
  the /proc/net/udp file and unspecified other files, related to the
  "udp seq_file infrastructure."

Comment 1 kfm 2009-07-24 03:07:02 UTC

The code in kernel versions earlier than 2.6.29 is quite different and, as such, I am not at all convinced that they are affected (despite the lengthy list presented by NIST). Note also that Red Hat officially issued this statement:

"This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, 5 or Red Hat Enterprise MRG."

https://www.redhat.com/security/data/cve/CVE-2009-1243.html

Well, RHEL4 was based on 2.6.9 and RHEL5 was based on 2.6.18. Surely, they haven't been hiding the fix from us all that time!