CVE-2006-6333 affect kernel on RHEL5?
Issue
- In our investigation, it looks that CVE-2006-6333 does not affect RHEL5.
- The patch of CVE-2006-6333 is written below:
--- a/drivers/net/tokenring/ibmtr.c
+++ b/drivers/net/tokenring/ibmtr.c
@@ -1826,7 +1826,7 @@ static void tr_rx(struct net_device *dev)
skb->protocol = tr_type_trans(skb, dev);
if (IPv4_p) {
skb->csum = chksum;
- skb->ip_summed = 1;
+ skb->ip_summed = CHECKSUM_COMPLETE;
}
netif_rx(skb);
dev->last_rx = jiffies;
- The same code is included in RHEL5, too:
drivers/net/tokenring/ibmtr.c
static void tr_rx(struct net_device *dev)
{
::
skb->protocol = tr_type_trans(skb, dev);
if (IPv4_p) {
skb->csum = chksum;
skb->ip_summed = 1; *
}
- However, there is a defference in the following header file between RHEL5 and kernel-2.6.19, so we thought CVE-2006-6333 did not affect RHEL5.
- RHEL5 include/linux/skbuff.h:
::
#define CHECKSUM_NONE 0
#define CHECKSUM_HW 1 *
#define CHECKSUM_UNNECESSARY 2
#define CHECKSUM_PARTIAL CHECKSUM_HW
#define CHECKSUM_COMPLETE CHECKSUM_HW *
::
- kernel-2.6.19 include/linux/skbuff.h:
::
#define CHECKSUM_NONE 0
#define CHECKSUM_PARTIAL 1 *
#define CHECKSUM_UNNECESSARY 2
#define CHECKSUM_COMPLETE 3 *
::
- Does CVE-2006-6333 really NOT affect kernel on RHEL5?
Environment
- Red Hat Enterprise Linux 5.3 x86_64/x86 with kernel-2.6.18-128.el5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Close
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.