Release Found: Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG
The flaw identified by CVE-2009-0065 (Red Hat Bugzilla bug 478800) describes a buffer overflow in the Partial Reliable Stream Control Transmission Protocol (PR-SCTP) implementation of the Linux kernel, versions 2.6.28-rc8 and earlier (including 18.104.22.168 and 22.214.171.124). This flaw was addressed via the upstream git commit 9fcb95a1. On systems with PR-SCTP enabled, this could, potentially, lead to a remote denial of service or arbitrary code execution if a Forward-TSN chunk is received with a large stream ID. Note: An established connection between SCTP endpoints is necessary to exploit this vulnerability.
This issue has already been fixed in Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG, via the asynchronous security advisories RHSA-2009:0331, RHSA-2009:0264, and RHSA-2009:0053, respectively. Red Hat Enterprise Linux 2.1 and 3 are not affected. If the required updates are not installed, or if it is not possible to install at this time, the following workarounds can be used:
For users that run applications that use SCTP, the PR-SCTP extension is enabled in the kernel by default if the
sctp loadable kernel module (LKM) is loaded. You can temporarily disable the PR-SCTP extension by running one of the following commands as the root user:
sysctl -w net.sctp.prsctp_enable=0
echo 0 > /proc/sys/net/sctp/prsctp_enable
To make permanent changes with these commands, see How do I make changes to my proc filesystem permanent?.
For users that do not run applications that use SCTP, you can prevent the
sctp module from being loaded by adding the following entry to the end of the
This way, the
sctp module cannot be loaded accidentally, which may occur if an application that requires SCTP is started. A reboot is not necessary for this change to take effect.