Red Hat is aware of this issue and is tracking it via the following bug:
This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 3 as it did not include support for SCTP. It did not affect Red Hat Enterprise Linux 4 and 5 as it did not include upstream commit 1f485649 that introduced the problem. Future kernel updates in Red Hat Enterprise MRG may address this flaw.
CVSS v2 metrics
|Access Vector||Adjacent Network|
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat Security Errata
|MRG Grid for RHEL 5 Server (kernel-rt)||RHSA-2010:0958||2010-12-08|
|Red Hat Enterprise Linux 6 (kernel)||RHSA-2010:0842||2010-11-10|
AcknowledgementsRed Hat would like to thank Dan Rosenberg for reporting this issue.
CVE description copyright © 2017, The MITRE Corporation