Does CVE-2010-1173 affect Red Hat Enterprise Linux?

Solution Verified

Environment

  • Red Hat Enterprise Linux 4
  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise MRG

Issue

The flaw identified by CVE-2010-1173 (Red Hat Bugzilla bug 584645) is an issue in the Stream Control Transmission Protocol (SCTP) implementation of the Linux kernel, affecting versions 2.6.0 and later. At the time of writing, the fix was pending in the upstream Linux kernel. On systems where the sctp kernel module is loaded, a remote attacker who can deliver a malformed INIT chunk to a listening SCTP port could potentially cause a denial of service.

This issue has been rated as having important security impact by the Red Hat Security Response Team.

Resolution

This issue has been fixed in Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG via the Red Hat Security Advisories RHSA-2010:0474, RHSA-2010:0504, and RHSA-2010:0631 respectively. Red Hat Enterprise Linux 3 is not affected as it does not include support for SCTP. Before updates are installed, the workaround below can be applied to help reduce the risk of this issue.

Mitigation

For users that do not run applications that use SCTP, you can prevent the sctp module from being loaded by adding the following entry to the end of the /etc/modprobe.d/blacklist file:

blacklist sctp

With this entry in place, modprobe ignores the module's aliases, which is how the kernel autoloads sctp when an application creates an SCTP socket, so the module can no longer be pulled in accidentally by starting such an application. Two caveats apply: an explicit "modprobe sctp" run by root still loads the module, and a module that is already loaded stays loaded until it is removed with rmmod (after any SCTP users are stopped) or the system is rebooted. Check the current state with "lsmod | grep sctp" before relying on the blacklist. A reboot is not necessary for the entry itself to take effect, because modprobe reads its configuration on every invocation.
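The following script is an added example and is not part of the Red Hat article: it applies the blacklist entry described above without duplicating it on repeated runs, and reports whether the sctp module is currently loaded, since the blacklist alone does not unload it. The configuration and modules-list paths are parameters (assumed here so the functions can be exercised against scratch files); on a real host the defaults /etc/modprobe.d/blacklist and /proc/modules are used.

```shell
#!/bin/sh
# Added example (not from the Red Hat article): idempotently apply
# "blacklist sctp" and report whether the module is currently loaded.
# Paths are parameters so the logic can be tested against scratch files;
# the defaults are the real locations on the host.

# Returns 0 if "sctp" is listed as a loaded module in a /proc/modules-style file.
sctp_loaded() {
    modules="${1:-/proc/modules}"
    grep -qs '^sctp ' "$modules"
}

# Appends "blacklist sctp" to the modprobe config unless an identical line
# already exists, so re-running the script never duplicates the entry.
blacklist_sctp() {
    conf="${1:-/etc/modprobe.d/blacklist}"
    if grep -qsx 'blacklist sctp' "$conf"; then
        return 0
    fi
    printf 'blacklist sctp\n' >> "$conf"
}

# Prints how many "blacklist sctp" lines a config file contains (0 if the
# file is missing), for verification after applying the mitigation.
count_sctp_blacklist() {
    conf="${1:-/etc/modprobe.d/blacklist}"
    if [ ! -f "$conf" ]; then
        echo 0
        return 0
    fi
    grep -cx 'blacklist sctp' "$conf" || true
}

# Usage (as root): sh sctp-blacklist.sh apply
# Applies the entry to the default config and tells the operator whether the
# already-loaded module still has to be removed with rmmod or a reboot.
if [ "${1:-}" = "apply" ]; then
    blacklist_sctp
    echo "blacklist entries for sctp in /etc/modprobe.d/blacklist: $(count_sctp_blacklist)"
    if sctp_loaded; then
        echo "sctp is currently loaded: stop SCTP users and run 'rmmod sctp', or reboot"
    else
        echo "sctp is not loaded; the blacklist now prevents alias-based autoloading"
    fi
fi
```

The loaded-module check matters because "blacklist" only affects how modprobe resolves aliases; it neither unloads a running module nor stops an explicit "modprobe sctp".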

Further Assistance

If you require assistance with mitigating this issue, or would like to request a hotfix, please contact Red Hat support.

Revision History

Update 16th June 2010: This article has been updated to reflect the release of the Red Hat Security Advisory RHSA-2010:0474, which fixes the CVE-2010-1173 issue in Red Hat Enterprise Linux 4.

Update 2nd July 2010: This article has been updated to reflect the release of the Red Hat Security Advisory RHSA-2010:0504, which fixes the CVE-2010-1173 issue in Red Hat Enterprise Linux 5.

Update 19th August 2010: This article has been updated to reflect the release of the Red Hat Security Advisory RHSA-2010:0631, which fixes the CVE-2010-1173 issue in Red Hat Enterprise MRG.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
