|Summary:||CVE-2007-0006 Key serial number collision problem|
|Product:||Red Hat Enterprise Linux 5||Reporter:||Linda Wang <lwang>|
|Component:||kernel||Assignee:||Don Howard <dhoward>|
|Status:||CLOSED ERRATA||QA Contact:||Brian Brock <bbrock>|
|Version:||5.0||CC:||dhoward, dzickus, security-response-team|
|Fixed In Version:||RHSA-2007-0099||Doc Type:||Bug Fix|
|Last Closed:||2007-03-14 15:04:47 UTC||Type:||---|
Description Linda Wang 2007-02-23 23:04:22 UTC
+++ This bug was initially created as a clone of Bug #227497 +++

The key serial number collision avoidance code is wrong. This didn't use to be a problem as the key serial numbers were allocated from a simple incremented counter, and you'd have to go through 2 billion keys before encountering a collision. However, now that random numbers are used instead, collisions are much more likely.

http://bugzilla.kernel.org/show_bug.cgi?id=7727

-- Additional comment from email@example.com on 2007-02-06 09:23 EST --
upstream patch is here: http://bugzilla.kernel.org/attachment.cgi?id=10312&action=view

-- Additional comment from firstname.lastname@example.org on 2007-02-06 09:29 EST --
Created an attachment (id=147467) Proposed patch from David Howells

-- Additional comment from email@example.com on 2007-02-07 11:20 EST --
This is proposed as a Security Day 0 errata for 5.0. Cleared rhel-5.0.0 and blocker and set rhel-5.1.0 flag. Set pm_ack.

-- Additional comment from firstname.lastname@example.org on 2007-02-23 14:04 EST --
QE ack for RHEL5.
Comment 9 Mike Gahagan 2007-03-09 15:19:33 UTC
We haven't been able to reproduce the problem with the reproducer attached to the rhel 4 version of this bug, but the patch is in the 8.1.1 kernel.
Comment 11 Red Hat Bugzilla 2007-03-14 15:04:47 UTC
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2007-0099.html