[5.4] System may crash by missed and reordered checks in {arp,ip,ip6}_tables

Solution Verified - Updated -

Issue

  • [5.4] System may crash by missed and reordered checks in {arp,ip,ip6}_tables
  • According to upstream, "There are three issues in parsing user-provided table in translate_table()
    of the netfilter. Malicious user with CAP_NET_ADMIN may crash system by passing special-crafted
    table to the *_tables".
  • Partner would like to know if the issue may happen on RHEL5.
  • Partner would like to know about workaround info if it affects RHEL5.

Environment

  • Red Hat Enterprise Linux 5 Update 4
  • x86_64

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content