A security vunlerability in the Linux CIPE (VPN tunnel) implementation has been fixed.
Larry McVoy has discovered a problem in the CIPE (VPN tunnel) implementation, where a malformed packet could cause a crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0047 to this issue. Andrew Griffiths has discovered a vulnerability that allows remote machines to read random memory using a bug in the Linux ICMP implementation. However, 2.4 kernels after version 2.4.0-test6 and 2.2 kernels after version 2.2.18 have this bug fixed. All Red Hat Linux 2.4 kernels have this fix are not vulnerable to this bug. It is recommended that users running older 2.2 kernels on Red Hat Linux 6.2 or 7 upgrade to the latest available errata kernel, which includes a fix for this problem. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-0046 to this issue. A patch for recent 2.4 kernels is circulating to fix the bug in the Linux ICMP implementation. Red Hat, Inc. recommends not using this patch since it actually breaks the kernel ICMP implementation and since Red Hat Linux 2.4 kernels are not vulnerable to the bug. In addition to the CIPE security fix, several other bugs were fixed, and some drivers were updated: * For Red Hat Linux 7.1: DRM/DRI (3D support) for the XFree86 erratum RHEA-2002:010 * New aacraid driver rewritten by Alan Cox * New DAC960 driver * Additional Qlogic 2200 driver * LM_Sensors driver upgrade