Question about kernel 2.4.9-31 Matt_Domsch at
Tue Apr 16 09:34:01 CDT 2002

> Is there any need to upgrade to the 2.4.9-31 errata kernel?

The Linux Netfilter team has found a problem in the IRC connection
tracking component of the firewall within the linux kernel. This component
is distributed with kernels in Red Hat Linux 7.1 and 7.2, although it is
not used in default installations.

The problem consists of an excessively broad netmask setting which is
applied to check if an "IRC DCC" connection through a masquerading firewall
should be allowed. This results in unwanted ports being opened on the
firewall, which could, depending on the firewall filter ruleset, allow
inbound connections.

If you don't use IRC through your Linux-based firewall, you should be fine
without it.

Matt Domsch
Sr. Software Engineer
Dell Linux Solutions
Linux on Dell mailing lists @
#1 US Linux Server provider for 2001!

More information about the Linux-PowerEdge mailing list