How does CVE-2013-2224 affect Red Hat Enterprise Linux?

Solution Verified - Updated -

Issue

  • How does CVE-2013-2224 affect Red Hat Enterprise Linux?
    MITRE reports CVE-2013-2224 as:

A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows local users to cause a denial of service (invalid free operation and system crash) or possibly gain privileges via a sendmsg system call with the IP_RETOPTS option, as demonstrated by hemlock.c. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-3552.

Additional details can be found in the Red Hat CVE database.

Environment

  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 6
