The pfkey socket buffer can overflow in racoon when SADB is large in RHEL5
Issue
- If there are a lot of entries in the kernel's Security Association (SA) database (SADB), there is a likelihood of pfkey socket buffer overflow during a SADB dump operation.
- How many SPD rules can be used with the setkey command?
- How many PSK IPsec connection rules can be used with ipsec-tools?
Environment
- Red Hat Enterprise Linux 5 (RHEL5) - Update 5 and previous
- ipsec-tools