Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2008-3792 (GCVE-0-2008-3792)
Vulnerability from cvelistv5 – Published: 2008-09-03 14:00 – Updated: 2024-08-07 09:53
VLAI?
EPSS
Summary
net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
Date Public ?
2008-08-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:53:00.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.trapkit.de/advisories/TKADV2008-007.txt"
},
{
"name": "32190",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32190"
},
{
"name": "32393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32393"
},
{
"name": "DSA-1636",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2008/dsa-1636"
},
{
"name": "31121",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31121"
},
{
"name": "[oss-security] 20080826 Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/8"
},
{
"name": "[oss-security] 20080826 Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/6"
},
{
"name": "31881",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31881"
},
{
"name": "USN-659-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-659-1"
},
{
"name": "linux-kernel-sctpauthapi-dos(45189)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45189"
},
{
"name": "SUSE-SA:2008:053",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html"
},
{
"name": "RHSA-2008:0857",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0857.html"
},
{
"name": "[oss-security] 20080825 CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/08/25/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4"
},
{
"name": "[linux-kernel] 20080823 [GIT]: Networking",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lkml.org/lkml/2008/8/23/49"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4"
},
{
"name": "1020854",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020854"
},
{
"name": "4210",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4210"
},
{
"name": "20080911 [TKADV2008-007] Linux Kernel SCTP-AUTH API Information Disclosure Vulnerability and NULL Pointer Dereferences",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/496256/100/0/threaded"
},
{
"name": "[linux-netdev] 20080821 [PATCH] sctp: fix potential panics in the SCTP-AUTH API.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2"
},
{
"name": "[oss-security] 20080926 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/26/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.trapkit.de/advisories/TKADV2008-007.txt"
},
{
"name": "32190",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32190"
},
{
"name": "32393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32393"
},
{
"name": "DSA-1636",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2008/dsa-1636"
},
{
"name": "31121",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31121"
},
{
"name": "[oss-security] 20080826 Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/8"
},
{
"name": "[oss-security] 20080826 Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/6"
},
{
"name": "31881",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31881"
},
{
"name": "USN-659-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-659-1"
},
{
"name": "linux-kernel-sctpauthapi-dos(45189)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45189"
},
{
"name": "SUSE-SA:2008:053",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html"
},
{
"name": "RHSA-2008:0857",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0857.html"
},
{
"name": "[oss-security] 20080825 CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/08/25/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4"
},
{
"name": "[linux-kernel] 20080823 [GIT]: Networking",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lkml.org/lkml/2008/8/23/49"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4"
},
{
"name": "1020854",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020854"
},
{
"name": "4210",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4210"
},
{
"name": "20080911 [TKADV2008-007] Linux Kernel SCTP-AUTH API Information Disclosure Vulnerability and NULL Pointer Dereferences",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/496256/100/0/threaded"
},
{
"name": "[linux-netdev] 20080821 [PATCH] sctp: fix potential panics in the SCTP-AUTH API.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2"
},
{
"name": "[oss-security] 20080926 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/26/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3792",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.trapkit.de/advisories/TKADV2008-007.txt",
"refsource": "MISC",
"url": "http://www.trapkit.de/advisories/TKADV2008-007.txt"
},
{
"name": "32190",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32190"
},
{
"name": "32393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32393"
},
{
"name": "DSA-1636",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1636"
},
{
"name": "31121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31121"
},
{
"name": "[oss-security] 20080826 Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/8"
},
{
"name": "[oss-security] 20080826 Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/6"
},
{
"name": "31881",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31881"
},
{
"name": "USN-659-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-659-1"
},
{
"name": "linux-kernel-sctpauthapi-dos(45189)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45189"
},
{
"name": "SUSE-SA:2008:053",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html"
},
{
"name": "RHSA-2008:0857",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0857.html"
},
{
"name": "[oss-security] 20080825 CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/08/25/1"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4"
},
{
"name": "[linux-kernel] 20080823 [GIT]: Networking",
"refsource": "MLIST",
"url": "http://lkml.org/lkml/2008/8/23/49"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5e739d1752aca4e8f3e794d431503bfca3162df4",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5e739d1752aca4e8f3e794d431503bfca3162df4"
},
{
"name": "1020854",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020854"
},
{
"name": "4210",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4210"
},
{
"name": "20080911 [TKADV2008-007] Linux Kernel SCTP-AUTH API Information Disclosure Vulnerability and NULL Pointer Dereferences",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496256/100/0/threaded"
},
{
"name": "[linux-netdev] 20080821 [PATCH] sctp: fix potential panics in the SCTP-AUTH API.",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2"
},
{
"name": "[oss-security] 20080926 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/26/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3792",
"datePublished": "2008-09-03T14:00:00.000Z",
"dateReserved": "2008-08-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:53:00.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CEA56669-B09E-42C2-9591-245C46909A2F\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.\"}, {\"lang\": \"es\", \"value\": \"En el archivo net/sctp/socket.c en la implementaci\\u00f3n del Stream Control Transmission Protocol (sctp) en el Kernel de Linux anterior a versi\\u00f3n 2.6.26.4, no comprueba que la extensi\\u00f3n SCTP-AUTH est\\u00e9 habilitada antes de proceder con las funciones de la API SCTP-AUTH, lo que permite a atacantes causar una denegaci\\u00f3n de servicio (desreferencia del puntero NULL y p\\u00e1nico) por medio de vectores que resultan en llamadas a la funci\\u00f3n (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, o (9) sctp_getsockopt_local_auth_chunks.\"}]",
"id": "CVE-2008-3792",
"lastModified": "2024-11-21T00:50:08.723",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.1, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2008-09-03T14:12:00.000",
"references": "[{\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lkml.org/lkml/2008/8/23/49\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/31881\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32190\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32393\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/4210\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.debian.org/security/2008/dsa-1636\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2008/08/25/1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2008/08/26/6\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2008/08/26/8\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2008/09/26/6\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0857.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/496256/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/31121\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1020854\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.trapkit.de/advisories/TKADV2008-007.txt\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-659-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/45189\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lkml.org/lkml/2008/8/23/49\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/31881\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32190\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/32393\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/4210\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.debian.org/security/2008/dsa-1636\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2008/08/25/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2008/08/26/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2008/08/26/8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2008/09/26/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2008-0857.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/496256/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/31121\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1020854\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.trapkit.de/advisories/TKADV2008-007.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/usn-659-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/45189\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vendorComments": "[{\"organization\": \"Red Hat\", \"comment\": \"This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.\\n\\nIt was addressed in Red Hat Enterprise MRG for RHEL-5 via: https://rhn.redhat.com/errata/RHSA-2008-0857.html\", \"lastModified\": \"2009-01-15T00:00:00\"}]",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2008-3792\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-09-03T14:12:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.\"},{\"lang\":\"es\",\"value\":\"En el archivo net/sctp/socket.c en la implementaci\u00f3n del Stream Control Transmission Protocol (sctp) en el Kernel de Linux anterior a versi\u00f3n 2.6.26.4, no comprueba que la extensi\u00f3n SCTP-AUTH est\u00e9 habilitada antes de proceder con las funciones de la API SCTP-AUTH, lo que permite a atacantes causar una denegaci\u00f3n de servicio (desreferencia del puntero NULL y p\u00e1nico) por medio de vectores que resultan en llamadas a la funci\u00f3n (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, o (9) sctp_getsockopt_local_auth_chunks.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEA56669-B09E-42C2-9591-245C46909A2F\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lkml.org/lkml/2008/8/23/49\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/31881\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32190\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32393\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/4210\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.debian.org/security/2008/dsa-1636\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2008/08/25/1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2008/08/26/6\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2008/08/26/8\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2008/09/26/6\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0857.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/496256/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/31121\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1020854\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.trapkit.de/advisories/TKADV2008-007.txt\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/usn-659-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/45189\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lkml.org/lkml/2008/8/23/49\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/31881\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32190\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32393\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/4210\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.debian.org/security/2008/dsa-1636\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2008/08/25/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2008/08/26/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2008/08/26/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2008/09/26/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-0857.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/496256/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/31121\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1020854\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.trapkit.de/advisories/TKADV2008-007.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/usn-659-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/45189\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.\\n\\nIt was addressed in Red Hat Enterprise MRG for RHEL-5 via: https://rhn.redhat.com/errata/RHSA-2008-0857.html\",\"lastModified\":\"2009-01-15T00:00:00\"}]}}"
}
}
RHSA-2008:0857
Vulnerability from csaf_redhat - Published: 2008-10-07 19:16 - Updated: 2025-11-21 17:33Summary
Red Hat Security Advisory: kernel security and bug fix update
Severity
Important
Notes
Topic: Updated kernel packages that fix several security issues and several bugs
are now available for Red Hat Enterprise MRG 1.0.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details: The kernel packages contain the Linux kernel, the core of any Linux
operating system.
A possible integer overflow was found in the Linux kernel Stream Control
Transmission Protocol (SCTP) implementation. This could allow an attacker
to cause a denial of service. (CVE-2008-3526, Important)
A deficiency was found in the Linux kernel Stream Control Transmission
Protocol (SCTP) Authentication Extension implementation. All the SCTP-AUTH
socket options could cause a kernel panic if the API was used when the
extension is disabled. (CVE-2008-3792, Important)
Missing boundary checks were reported in the Linux kernel SCTP
implementation. This could, potentially, cause information disclosure via a
specially crafted SCTP_HMAC_IDENT IOCTL request. (CVE-2008-4113,
CVE-2008-4445, Important)
Tobias Klein reported a missing check in the Linux kernel's Open Sound
System (OSS) implementation. This deficiency could lead to a possible
information leak. (CVE-2008-3272, Moderate)
A deficiency was found in the Linux kernel virtual filesystem (VFS)
implementation. This could allow a local unprivileged user to make a series
of file creations within deleted directories, possibly causing a denial of
service. (CVE-2008-3275, Moderate)
A flaw was found in the Linux kernel Network File System daemon (nfsd) when
NFSv4 was enabled. Remote attackers could use this to cause a denial of
service via a buffer overflow. (CVE-2008-3915, Moderate)
A possible integer overflow was discovered in the Linux kernel Datagram
Congestion Control Protocol (DCCP) implementation. This could allow a
remote attacker to cause a denial of service on a victim's machine.
(CVE-2008-3276, Low)
A deficiency was found in the Linux kernel tmpfs implementation. This could
allow a local unprivileged user to make a certain sequence of file
operations, possibly causing a denial of service. (CVE-2008-3534, Low)
An off-by-one error was found in the iov_iter_advance function. This could
allow a local unprivileged user to cause a denial of service as
demonstrated by a testcase from the Linux Test Project. (CVE-2008-3535,
Low)
These updated packages also fix the following bugs:
* fixed a warning in the openib code.
* increased MAX_STACK_TRACE_ENTRIES on the debug kernel variant.
* enqueue deprioritized RT tasks to head of prio array.
* use timer_pending() to test ipv6 FIB timers.
* added a lower-bound check for the length field in PPPOE headers.
* pppoe: unshare skb to avoid possible data loss.
* using growisofs could cause oops due to the lack of proper sanity checks.
* random seed improvement.
* enabled the "Panic on Oops" feature.
* fixed a portability issue in parse_pmtmr() due to variable type.
* fixed sanity check in cifs/asn1.c.
* fixed a bug introduced by a previous fix, related to the inode code.
* added better sanity checks to dlm code.
* dynamic ftrace enhancements. The daemon is no longer used.
* fixed a format string bug in cpufreq.
* avoid a potential kernel stack overflow in binfmt_misc.c
* fixed the long boot-up time when CONFIG_PROVE_LOCKING is enabled.
* use a better random seed for NAT port randomization.
* a compat_semaphore was being handled as a regular semaphore due to
casting (qla2xxx driver).
All users of Red Hat Enterprise MRG should upgrade to these new packages,
which address these vulnerabilities and fix these bugs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field.
CWE-190 - Integer Overflow or Wraparound
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option.
CWE-190 - Integer Overflow or Wraparound
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to allocation of "useless pages" and improper maintenance of the i_blocks count.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project.
CWE-193 - Off-by-one Error
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function, a different vulnerability than CVE-2008-4113.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kernel packages that fix several security issues and several bugs\nare now available for Red Hat Enterprise MRG 1.0.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nA possible integer overflow was found in the Linux kernel Stream Control\nTransmission Protocol (SCTP) implementation. This could allow an attacker\nto cause a denial of service. (CVE-2008-3526, Important)\n\nA deficiency was found in the Linux kernel Stream Control Transmission\nProtocol (SCTP) Authentication Extension implementation. All the SCTP-AUTH\nsocket options could cause a kernel panic if the API was used when the\nextension is disabled. (CVE-2008-3792, Important)\n\nMissing boundary checks were reported in the Linux kernel SCTP\nimplementation. This could, potentially, cause information disclosure via a\nspecially crafted SCTP_HMAC_IDENT IOCTL request. (CVE-2008-4113,\nCVE-2008-4445, Important)\n\nTobias Klein reported a missing check in the Linux kernel\u0027s Open Sound\nSystem (OSS) implementation. This deficiency could lead to a possible\ninformation leak. (CVE-2008-3272, Moderate)\n\nA deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local unprivileged user to make a series\nof file creations within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nA flaw was found in the Linux kernel Network File System daemon (nfsd) when\nNFSv4 was enabled. Remote attackers could use this to cause a denial of\nservice via a buffer overflow. (CVE-2008-3915, Moderate)\n\nA possible integer overflow was discovered in the Linux kernel Datagram\nCongestion Control Protocol (DCCP) implementation. This could allow a\nremote attacker to cause a denial of service on a victim\u0027s machine.\n(CVE-2008-3276, Low)\n\nA deficiency was found in the Linux kernel tmpfs implementation. This could\nallow a local unprivileged user to make a certain sequence of file\noperations, possibly causing a denial of service. (CVE-2008-3534, Low)\n\nAn off-by-one error was found in the iov_iter_advance function. This could\nallow a local unprivileged user to cause a denial of service as\ndemonstrated by a testcase from the Linux Test Project. (CVE-2008-3535,\nLow)\n\nThese updated packages also fix the following bugs:\n\n* fixed a warning in the openib code.\n\n* increased MAX_STACK_TRACE_ENTRIES on the debug kernel variant.\n\n* enqueue deprioritized RT tasks to head of prio array.\n\n* use timer_pending() to test ipv6 FIB timers.\n\n* added a lower-bound check for the length field in PPPOE headers.\n\n* pppoe: unshare skb to avoid possible data loss.\n\n* using growisofs could cause oops due to the lack of proper sanity checks.\n\n* random seed improvement.\n\n* enabled the \"Panic on Oops\" feature.\n\n* fixed a portability issue in parse_pmtmr() due to variable type.\n\n* fixed sanity check in cifs/asn1.c.\n\n* fixed a bug introduced by a previous fix, related to the inode code.\n\n* added better sanity checks to dlm code.\n\n* dynamic ftrace enhancements. The daemon is no longer used.\n\n* fixed a format string bug in cpufreq.\n\n* avoid a potential kernel stack overflow in binfmt_misc.c\n\n* fixed the long boot-up time when CONFIG_PROVE_LOCKING is enabled.\n\n* use a better random seed for NAT port randomization.\n\n* a compat_semaphore was being handled as a regular semaphore due to\ncasting (qla2xxx driver).\n\nAll users of Red Hat Enterprise MRG should upgrade to these new packages,\nwhich address these vulnerabilities and fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0857",
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "447942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447942"
},
{
"category": "external",
"summary": "448574",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=448574"
},
{
"category": "external",
"summary": "454270",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454270"
},
{
"category": "external",
"summary": "457012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457012"
},
{
"category": "external",
"summary": "457014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457014"
},
{
"category": "external",
"summary": "457019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457019"
},
{
"category": "external",
"summary": "457027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457027"
},
{
"category": "external",
"summary": "457507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457507"
},
{
"category": "external",
"summary": "457703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457703"
},
{
"category": "external",
"summary": "457858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457858"
},
{
"category": "external",
"summary": "457995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457995"
},
{
"category": "external",
"summary": "458016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458016"
},
{
"category": "external",
"summary": "458104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458104"
},
{
"category": "external",
"summary": "458340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458340"
},
{
"category": "external",
"summary": "458350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458350"
},
{
"category": "external",
"summary": "458487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458487"
},
{
"category": "external",
"summary": "458755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458755"
},
{
"category": "external",
"summary": "458756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458756"
},
{
"category": "external",
"summary": "458758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458758"
},
{
"category": "external",
"summary": "459141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459141"
},
{
"category": "external",
"summary": "459226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459226"
},
{
"category": "external",
"summary": "459459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459459"
},
{
"category": "external",
"summary": "459462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459462"
},
{
"category": "external",
"summary": "459478",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459478"
},
{
"category": "external",
"summary": "459942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459942"
},
{
"category": "external",
"summary": "459955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459955"
},
{
"category": "external",
"summary": "460093",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460093"
},
{
"category": "external",
"summary": "460455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460455"
},
{
"category": "external",
"summary": "461101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461101"
},
{
"category": "external",
"summary": "462599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=462599"
},
{
"category": "external",
"summary": "464514",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464514"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0857.json"
}
],
"title": "Red Hat Security Advisory: kernel security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T17:33:47+00:00",
"generator": {
"date": "2025-11-21T17:33:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2008:0857",
"initial_release_date": "2008-10-07T19:16:00+00:00",
"revision_history": [
{
"date": "2008-10-07T19:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-10-07T15:18:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:33:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "MRG Realtime for RHEL 5 Server",
"product": {
"name": "MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:1::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise MRG for RHEL-5"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-81.el5rt?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-81.el5rt?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-81.el5rt.src",
"product": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.src",
"product_id": "kernel-rt-0:2.6.24.7-81.el5rt.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-81.el5rt?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"product": {
"name": "kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"product_id": "kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@2.6.24.7-81.el5rt?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.src as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src"
},
"product_reference": "kernel-rt-0:2.6.24.7-81.el5rt.src",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch"
},
"product_reference": "kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-3272",
"discovery_date": "2008-08-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "457995"
}
],
"notes": [
{
"category": "description",
"text": "The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel snd_seq_oss_synth_make_info leak",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3272"
},
{
"category": "external",
"summary": "RHBZ#457995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457995"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3272",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3272"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3272",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3272"
}
],
"release_date": "2008-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel snd_seq_oss_synth_make_info leak"
},
{
"cve": "CVE-2008-3275",
"discovery_date": "2008-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "457858"
}
],
"notes": [
{
"category": "description",
"text": "The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service (\"overflow\" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Linux kernel local filesystem DoS",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3275"
},
{
"category": "external",
"summary": "RHBZ#457858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3275",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3275"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3275",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3275"
}
],
"release_date": "2008-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Linux kernel local filesystem DoS"
},
{
"cve": "CVE-2008-3276",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2008-08-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "459226"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Linux kernel dccp_setsockopt_change() integer overflow",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3276"
},
{
"category": "external",
"summary": "RHBZ#459226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3276",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3276"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3276",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3276"
}
],
"release_date": "2008-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Linux kernel dccp_setsockopt_change() integer overflow"
},
{
"cve": "CVE-2008-3526",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2008-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "460093"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Linux kernel sctp_setsockopt_auth_key() integer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3526"
},
{
"category": "external",
"summary": "RHBZ#460093",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460093"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3526",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3526"
}
],
"release_date": "2008-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Linux kernel sctp_setsockopt_auth_key() integer overflow"
},
{
"cve": "CVE-2008-3534",
"discovery_date": "2008-07-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "457507"
}
],
"notes": [
{
"category": "description",
"text": "The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to allocation of \"useless pages\" and improper maintenance of the i_blocks count.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tmpfs: fix kernel BUG in shmem_delete_inode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3534"
},
{
"category": "external",
"summary": "RHBZ#457507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457507"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3534",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3534"
}
],
"release_date": "2008-07-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: tmpfs: fix kernel BUG in shmem_delete_inode"
},
{
"cve": "CVE-2008-3535",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"discovery_date": "2008-07-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "457703"
}
],
"notes": [
{
"category": "description",
"text": "Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fix off-by-one error in iov_iter_advance()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3535"
},
{
"category": "external",
"summary": "RHBZ#457703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3535",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3535"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3535",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3535"
}
],
"release_date": "2008-07-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: fix off-by-one error in iov_iter_advance()"
},
{
"cve": "CVE-2008-3792",
"discovery_date": "2008-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "459955"
}
],
"notes": [
{
"category": "description",
"text": "net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp: fix potential panics in the SCTP-AUTH API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3792"
},
{
"category": "external",
"summary": "RHBZ#459955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459955"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3792"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3792",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3792"
}
],
"release_date": "2008-08-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: sctp: fix potential panics in the SCTP-AUTH API"
},
{
"cve": "CVE-2008-3915",
"discovery_date": "2008-09-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "461101"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: nfsd: fix buffer overrun decoding NFSv4 acl",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3915"
},
{
"category": "external",
"summary": "RHBZ#461101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461101"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3915",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3915"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3915",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3915"
}
],
"release_date": "2008-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: nfsd: fix buffer overrun decoding NFSv4 acl"
},
{
"cve": "CVE-2008-4113",
"discovery_date": "2008-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "464514"
}
],
"notes": [
{
"category": "description",
"text": "The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp_getsockopt_hmac_ident information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4113"
},
{
"category": "external",
"summary": "RHBZ#464514",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464514"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4113"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4113",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4113"
}
],
"release_date": "2008-08-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: sctp_getsockopt_hmac_ident information disclosure"
},
{
"cve": "CVE-2008-4445",
"discovery_date": "2008-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "462599"
}
],
"notes": [
{
"category": "description",
"text": "The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function, a different vulnerability than CVE-2008-4113.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4445"
},
{
"category": "external",
"summary": "RHBZ#462599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=462599"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4445",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4445"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4445",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4445"
}
],
"release_date": "2008-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option"
}
]
}
RHSA-2008_0857
Vulnerability from csaf_redhat - Published: 2008-10-07 19:16 - Updated: 2024-11-22 02:26Summary
Red Hat Security Advisory: kernel security and bug fix update
Severity
Important
Notes
Topic: Updated kernel packages that fix several security issues and several bugs
are now available for Red Hat Enterprise MRG 1.0.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details: The kernel packages contain the Linux kernel, the core of any Linux
operating system.
A possible integer overflow was found in the Linux kernel Stream Control
Transmission Protocol (SCTP) implementation. This could allow an attacker
to cause a denial of service. (CVE-2008-3526, Important)
A deficiency was found in the Linux kernel Stream Control Transmission
Protocol (SCTP) Authentication Extension implementation. All the SCTP-AUTH
socket options could cause a kernel panic if the API was used when the
extension is disabled. (CVE-2008-3792, Important)
Missing boundary checks were reported in the Linux kernel SCTP
implementation. This could, potentially, cause information disclosure via a
specially crafted SCTP_HMAC_IDENT IOCTL request. (CVE-2008-4113,
CVE-2008-4445, Important)
Tobias Klein reported a missing check in the Linux kernel's Open Sound
System (OSS) implementation. This deficiency could lead to a possible
information leak. (CVE-2008-3272, Moderate)
A deficiency was found in the Linux kernel virtual filesystem (VFS)
implementation. This could allow a local unprivileged user to make a series
of file creations within deleted directories, possibly causing a denial of
service. (CVE-2008-3275, Moderate)
A flaw was found in the Linux kernel Network File System daemon (nfsd) when
NFSv4 was enabled. Remote attackers could use this to cause a denial of
service via a buffer overflow. (CVE-2008-3915, Moderate)
A possible integer overflow was discovered in the Linux kernel Datagram
Congestion Control Protocol (DCCP) implementation. This could allow a
remote attacker to cause a denial of service on a victim's machine.
(CVE-2008-3276, Low)
A deficiency was found in the Linux kernel tmpfs implementation. This could
allow a local unprivileged user to make a certain sequence of file
operations, possibly causing a denial of service. (CVE-2008-3534, Low)
An off-by-one error was found in the iov_iter_advance function. This could
allow a local unprivileged user to cause a denial of service as
demonstrated by a testcase from the Linux Test Project. (CVE-2008-3535,
Low)
These updated packages also fix the following bugs:
* fixed a warning in the openib code.
* increased MAX_STACK_TRACE_ENTRIES on the debug kernel variant.
* enqueue deprioritized RT tasks to head of prio array.
* use timer_pending() to test ipv6 FIB timers.
* added a lower-bound check for the length field in PPPOE headers.
* pppoe: unshare skb to avoid possible data loss.
* using growisofs could cause oops due to the lack of proper sanity checks.
* random seed improvement.
* enabled the "Panic on Oops" feature.
* fixed a portability issue in parse_pmtmr() due to variable type.
* fixed sanity check in cifs/asn1.c.
* fixed a bug introduced by a previous fix, related to the inode code.
* added better sanity checks to dlm code.
* dynamic ftrace enhancements. The daemon is no longer used.
* fixed a format string bug in cpufreq.
* avoid a potential kernel stack overflow in binfmt_misc.c
* fixed the long boot-up time when CONFIG_PROVE_LOCKING is enabled.
* use a better random seed for NAT port randomization.
* a compat_semaphore was being handled as a regular semaphore due to
casting (qla2xxx driver).
All users of Red Hat Enterprise MRG should upgrade to these new packages,
which address these vulnerabilities and fix these bugs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service ("overflow" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field.
CWE-190 - Integer Overflow or Wraparound
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option.
CWE-190 - Integer Overflow or Wraparound
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to allocation of "useless pages" and improper maintenance of the i_blocks count.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project.
CWE-193 - Off-by-one Error
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function, a different vulnerability than CVE-2008-4113.
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188
https://access.redhat.com/errata/RHSA-2008:0857
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kernel packages that fix several security issues and several bugs\nare now available for Red Hat Enterprise MRG 1.0.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nA possible integer overflow was found in the Linux kernel Stream Control\nTransmission Protocol (SCTP) implementation. This could allow an attacker\nto cause a denial of service. (CVE-2008-3526, Important)\n\nA deficiency was found in the Linux kernel Stream Control Transmission\nProtocol (SCTP) Authentication Extension implementation. All the SCTP-AUTH\nsocket options could cause a kernel panic if the API was used when the\nextension is disabled. (CVE-2008-3792, Important)\n\nMissing boundary checks were reported in the Linux kernel SCTP\nimplementation. This could, potentially, cause information disclosure via a\nspecially crafted SCTP_HMAC_IDENT IOCTL request. (CVE-2008-4113,\nCVE-2008-4445, Important)\n\nTobias Klein reported a missing check in the Linux kernel\u0027s Open Sound\nSystem (OSS) implementation. This deficiency could lead to a possible\ninformation leak. (CVE-2008-3272, Moderate)\n\nA deficiency was found in the Linux kernel virtual filesystem (VFS)\nimplementation. This could allow a local unprivileged user to make a series\nof file creations within deleted directories, possibly causing a denial of\nservice. (CVE-2008-3275, Moderate)\n\nA flaw was found in the Linux kernel Network File System daemon (nfsd) when\nNFSv4 was enabled. Remote attackers could use this to cause a denial of\nservice via a buffer overflow. (CVE-2008-3915, Moderate)\n\nA possible integer overflow was discovered in the Linux kernel Datagram\nCongestion Control Protocol (DCCP) implementation. This could allow a\nremote attacker to cause a denial of service on a victim\u0027s machine.\n(CVE-2008-3276, Low)\n\nA deficiency was found in the Linux kernel tmpfs implementation. This could\nallow a local unprivileged user to make a certain sequence of file\noperations, possibly causing a denial of service. (CVE-2008-3534, Low)\n\nAn off-by-one error was found in the iov_iter_advance function. This could\nallow a local unprivileged user to cause a denial of service as\ndemonstrated by a testcase from the Linux Test Project. (CVE-2008-3535,\nLow)\n\nThese updated packages also fix the following bugs:\n\n* fixed a warning in the openib code.\n\n* increased MAX_STACK_TRACE_ENTRIES on the debug kernel variant.\n\n* enqueue deprioritized RT tasks to head of prio array.\n\n* use timer_pending() to test ipv6 FIB timers.\n\n* added a lower-bound check for the length field in PPPOE headers.\n\n* pppoe: unshare skb to avoid possible data loss.\n\n* using growisofs could cause oops due to the lack of proper sanity checks.\n\n* random seed improvement.\n\n* enabled the \"Panic on Oops\" feature.\n\n* fixed a portability issue in parse_pmtmr() due to variable type.\n\n* fixed sanity check in cifs/asn1.c.\n\n* fixed a bug introduced by a previous fix, related to the inode code.\n\n* added better sanity checks to dlm code.\n\n* dynamic ftrace enhancements. The daemon is no longer used.\n\n* fixed a format string bug in cpufreq.\n\n* avoid a potential kernel stack overflow in binfmt_misc.c\n\n* fixed the long boot-up time when CONFIG_PROVE_LOCKING is enabled.\n\n* use a better random seed for NAT port randomization.\n\n* a compat_semaphore was being handled as a regular semaphore due to\ncasting (qla2xxx driver).\n\nAll users of Red Hat Enterprise MRG should upgrade to these new packages,\nwhich address these vulnerabilities and fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2008:0857",
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "447942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447942"
},
{
"category": "external",
"summary": "448574",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=448574"
},
{
"category": "external",
"summary": "454270",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=454270"
},
{
"category": "external",
"summary": "457012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457012"
},
{
"category": "external",
"summary": "457014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457014"
},
{
"category": "external",
"summary": "457019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457019"
},
{
"category": "external",
"summary": "457027",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457027"
},
{
"category": "external",
"summary": "457507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457507"
},
{
"category": "external",
"summary": "457703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457703"
},
{
"category": "external",
"summary": "457858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457858"
},
{
"category": "external",
"summary": "457995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457995"
},
{
"category": "external",
"summary": "458016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458016"
},
{
"category": "external",
"summary": "458104",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458104"
},
{
"category": "external",
"summary": "458340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458340"
},
{
"category": "external",
"summary": "458350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458350"
},
{
"category": "external",
"summary": "458487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458487"
},
{
"category": "external",
"summary": "458755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458755"
},
{
"category": "external",
"summary": "458756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458756"
},
{
"category": "external",
"summary": "458758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=458758"
},
{
"category": "external",
"summary": "459141",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459141"
},
{
"category": "external",
"summary": "459226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459226"
},
{
"category": "external",
"summary": "459459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459459"
},
{
"category": "external",
"summary": "459462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459462"
},
{
"category": "external",
"summary": "459478",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459478"
},
{
"category": "external",
"summary": "459942",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459942"
},
{
"category": "external",
"summary": "459955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459955"
},
{
"category": "external",
"summary": "460093",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460093"
},
{
"category": "external",
"summary": "460455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460455"
},
{
"category": "external",
"summary": "461101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461101"
},
{
"category": "external",
"summary": "462599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=462599"
},
{
"category": "external",
"summary": "464514",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464514"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2008/rhsa-2008_0857.json"
}
],
"title": "Red Hat Security Advisory: kernel security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T02:26:25+00:00",
"generator": {
"date": "2024-11-22T02:26:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2008:0857",
"initial_release_date": "2008-10-07T19:16:00+00:00",
"revision_history": [
{
"date": "2008-10-07T19:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2008-10-07T15:18:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T02:26:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "MRG Realtime for RHEL 5 Server",
"product": {
"name": "MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:1::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise MRG for RHEL-5"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-81.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"product_id": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-81.el5rt?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-81.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-81.el5rt?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-81.el5rt.src",
"product": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.src",
"product_id": "kernel-rt-0:2.6.24.7-81.el5rt.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-81.el5rt?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"product": {
"name": "kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"product_id": "kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@2.6.24.7-81.el5rt?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.src as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src"
},
"product_reference": "kernel-rt-0:2.6.24.7-81.el5rt.src",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch"
},
"product_reference": "kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-3272",
"discovery_date": "2008-08-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "457995"
}
],
"notes": [
{
"category": "description",
"text": "The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel snd_seq_oss_synth_make_info leak",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3272"
},
{
"category": "external",
"summary": "RHBZ#457995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457995"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3272",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3272"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3272",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3272"
}
],
"release_date": "2008-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel snd_seq_oss_synth_make_info leak"
},
{
"cve": "CVE-2008-3275",
"discovery_date": "2008-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "457858"
}
],
"notes": [
{
"category": "description",
"text": "The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denial of service (\"overflow\" of the UBIFS orphan area) via a series of attempted file creations within deleted directories.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Linux kernel local filesystem DoS",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3275"
},
{
"category": "external",
"summary": "RHBZ#457858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3275",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3275"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3275",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3275"
}
],
"release_date": "2008-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Linux kernel local filesystem DoS"
},
{
"cve": "CVE-2008-3276",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2008-08-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "459226"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the dccp_setsockopt_change function in net/dccp/proto.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.17-rc1 through 2.6.26.2 allows remote attackers to cause a denial of service (panic) via a crafted integer value, related to Change L and Change R options without at least one byte in the dccpsf_val field.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Linux kernel dccp_setsockopt_change() integer overflow",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3276"
},
{
"category": "external",
"summary": "RHBZ#459226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3276",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3276"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3276",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3276"
}
],
"release_date": "2008-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Linux kernel dccp_setsockopt_change() integer overflow"
},
{
"cve": "CVE-2008-3526",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2008-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "460093"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via a crafted sca_keylength field associated with the SCTP_AUTH_KEY option.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Linux kernel sctp_setsockopt_auth_key() integer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3526"
},
{
"category": "external",
"summary": "RHBZ#460093",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460093"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3526",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3526"
}
],
"release_date": "2008-08-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Linux kernel sctp_setsockopt_auth_key() integer overflow"
},
{
"cve": "CVE-2008-3534",
"discovery_date": "2008-07-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "457507"
}
],
"notes": [
{
"category": "description",
"text": "The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to allocation of \"useless pages\" and improper maintenance of the i_blocks count.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tmpfs: fix kernel BUG in shmem_delete_inode",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3534"
},
{
"category": "external",
"summary": "RHBZ#457507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457507"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3534",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3534"
}
],
"release_date": "2008-07-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: tmpfs: fix kernel BUG in shmem_delete_inode"
},
{
"cve": "CVE-2008-3535",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"discovery_date": "2008-07-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "457703"
}
],
"notes": [
{
"category": "description",
"text": "Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fix off-by-one error in iov_iter_advance()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3535"
},
{
"category": "external",
"summary": "RHBZ#457703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457703"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3535",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3535"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3535",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3535"
}
],
"release_date": "2008-07-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: fix off-by-one error in iov_iter_advance()"
},
{
"cve": "CVE-2008-3792",
"discovery_date": "2008-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "459955"
}
],
"notes": [
{
"category": "description",
"text": "net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp: fix potential panics in the SCTP-AUTH API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3792"
},
{
"category": "external",
"summary": "RHBZ#459955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=459955"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3792"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3792",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3792"
}
],
"release_date": "2008-08-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: sctp: fix potential panics in the SCTP-AUTH API"
},
{
"cve": "CVE-2008-3915",
"discovery_date": "2008-09-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "461101"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: nfsd: fix buffer overrun decoding NFSv4 acl",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-3915"
},
{
"category": "external",
"summary": "RHBZ#461101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=461101"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-3915",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3915"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-3915",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3915"
}
],
"release_date": "2008-09-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: nfsd: fix buffer overrun decoding NFSv4 acl"
},
{
"cve": "CVE-2008-4113",
"discovery_date": "2008-08-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "464514"
}
],
"notes": [
{
"category": "description",
"text": "The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp_getsockopt_hmac_ident information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4113"
},
{
"category": "external",
"summary": "RHBZ#464514",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=464514"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4113",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4113"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4113",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4113"
}
],
"release_date": "2008-08-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: sctp_getsockopt_hmac_ident information disclosure"
},
{
"cve": "CVE-2008-4445",
"discovery_date": "2008-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "462599"
}
],
"notes": [
{
"category": "description",
"text": "The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX, which allows local users to obtain sensitive information via a crafted SCTP_HMAC_IDENT IOCTL request involving the sctp_getsockopt function, a different vulnerability than CVE-2008-4113.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4445"
},
{
"category": "external",
"summary": "RHBZ#462599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=462599"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4445",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4445"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4445",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4445"
}
],
"release_date": "2008-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2008-10-07T19:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/FAQ_58_10188",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-81.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-81.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-81.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2008:0857"
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option"
}
]
}
GHSA-WQ73-MHJ6-VJHC
Vulnerability from github – Published: 2022-05-02 00:03 – Updated: 2025-04-09 03:57
VLAI?
Details
net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.
{
"affected": [],
"aliases": [
"CVE-2008-3792"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-09-03T14:12:00Z",
"severity": "HIGH"
},
"details": "net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.",
"id": "GHSA-wq73-mhj6-vjhc",
"modified": "2025-04-09T03:57:59Z",
"published": "2022-05-02T00:03:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3792"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45189"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5e739d1752aca4e8f3e794d431503bfca3162df4"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html"
},
{
"type": "WEB",
"url": "http://lkml.org/lkml/2008/8/23/49"
},
{
"type": "WEB",
"url": "http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31881"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32190"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32393"
},
{
"type": "WEB",
"url": "http://securityreason.com/securityalert/4210"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2008/dsa-1636"
},
{
"type": "WEB",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2008/08/25/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/6"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/8"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2008/09/26/6"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0857.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/496256/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/31121"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1020854"
},
{
"type": "WEB",
"url": "http://www.trapkit.de/advisories/TKADV2008-007.txt"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/usn-659-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2008-3792
Vulnerability from gsd - Updated: 2023-12-13 01:23Details
net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2008-3792",
"description": "net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.",
"id": "GSD-2008-3792",
"references": [
"https://www.suse.com/security/cve/CVE-2008-3792.html",
"https://www.debian.org/security/2008/dsa-1636",
"https://access.redhat.com/errata/RHSA-2008:0857"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2008-3792"
],
"details": "net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.",
"id": "GSD-2008-3792",
"modified": "2023-12-13T01:23:06.010150Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3792",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.trapkit.de/advisories/TKADV2008-007.txt",
"refsource": "MISC",
"url": "http://www.trapkit.de/advisories/TKADV2008-007.txt"
},
{
"name": "32190",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32190"
},
{
"name": "32393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32393"
},
{
"name": "DSA-1636",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1636"
},
{
"name": "31121",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31121"
},
{
"name": "[oss-security] 20080826 Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/8"
},
{
"name": "[oss-security] 20080826 Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/6"
},
{
"name": "31881",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31881"
},
{
"name": "USN-659-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-659-1"
},
{
"name": "linux-kernel-sctpauthapi-dos(45189)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45189"
},
{
"name": "SUSE-SA:2008:053",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html"
},
{
"name": "RHSA-2008:0857",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0857.html"
},
{
"name": "[oss-security] 20080825 CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/08/25/1"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4"
},
{
"name": "[linux-kernel] 20080823 [GIT]: Networking",
"refsource": "MLIST",
"url": "http://lkml.org/lkml/2008/8/23/49"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5e739d1752aca4e8f3e794d431503bfca3162df4",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5e739d1752aca4e8f3e794d431503bfca3162df4"
},
{
"name": "1020854",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020854"
},
{
"name": "4210",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4210"
},
{
"name": "20080911 [TKADV2008-007] Linux Kernel SCTP-AUTH API Information Disclosure Vulnerability and NULL Pointer Dereferences",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496256/100/0/threaded"
},
{
"name": "[linux-netdev] 20080821 [PATCH] sctp: fix potential panics in the SCTP-AUTH API.",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2"
},
{
"name": "[oss-security] 20080926 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/26/6"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3792"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[linux-kernel] 20080823 [GIT]: Networking",
"refsource": "MLIST",
"tags": [],
"url": "http://lkml.org/lkml/2008/8/23/49"
},
{
"name": "[linux-netdev] 20080821 [PATCH] sctp: fix potential panics in the SCTP-AUTH API.",
"refsource": "MLIST",
"tags": [],
"url": "http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2"
},
{
"name": "[oss-security] 20080825 CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2008/08/25/1"
},
{
"name": "[oss-security] 20080826 Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/6"
},
{
"name": "[oss-security] 20080826 Re: CVE request: kernel: sctp: fix potential panics in the SCTP-AUTH API",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/8"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5e739d1752aca4e8f3e794d431503bfca3162df4",
"refsource": "CONFIRM",
"tags": [],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5e739d1752aca4e8f3e794d431503bfca3162df4"
},
{
"name": "DSA-1636",
"refsource": "DEBIAN",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2008/dsa-1636"
},
{
"name": "31881",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31881"
},
{
"name": "1020854",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1020854"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4"
},
{
"name": "http://www.trapkit.de/advisories/TKADV2008-007.txt",
"refsource": "MISC",
"tags": [],
"url": "http://www.trapkit.de/advisories/TKADV2008-007.txt"
},
{
"name": "32190",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32190"
},
{
"name": "RHSA-2008:0857",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2008-0857.html"
},
{
"name": "31121",
"refsource": "BID",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/31121"
},
{
"name": "SUSE-SA:2008:053",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html"
},
{
"name": "USN-659-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/usn-659-1"
},
{
"name": "32393",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32393"
},
{
"name": "[oss-security] 20080926 Re: CVE-2008-4113 update: kernel: sctp: fix random memory dereference with SCTP_HMAC_IDENT option",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2008/09/26/6"
},
{
"name": "4210",
"refsource": "SREASON",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/securityalert/4210"
},
{
"name": "linux-kernel-sctpauthapi-dos(45189)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45189"
},
{
"name": "20080911 [TKADV2008-007] Linux Kernel SCTP-AUTH API Information Disclosure Vulnerability and NULL Pointer Dereferences",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/496256/100/0/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-10-11T20:49Z",
"publishedDate": "2008-09-03T14:12Z"
}
}
}
FKIE_CVE-2008-3792
Vulnerability from fkie_nvd - Published: 2008-09-03 14:12 - Updated: 2025-04-09 00:30
Severity ?
Summary
net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4 | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html | ||
| cve@mitre.org | http://lkml.org/lkml/2008/8/23/49 | ||
| cve@mitre.org | http://marc.info/?l=linux-netdev&m=121928747903176&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/31881 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32190 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32393 | Vendor Advisory | |
| cve@mitre.org | http://securityreason.com/securityalert/4210 | Exploit | |
| cve@mitre.org | http://www.debian.org/security/2008/dsa-1636 | Patch | |
| cve@mitre.org | http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4 | Vendor Advisory | |
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/08/25/1 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/08/26/6 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/08/26/8 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/09/26/6 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2008-0857.html | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/496256/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/31121 | Exploit, Patch | |
| cve@mitre.org | http://www.securitytracker.com/id?1020854 | ||
| cve@mitre.org | http://www.trapkit.de/advisories/TKADV2008-007.txt | ||
| cve@mitre.org | http://www.ubuntu.com/usn/usn-659-1 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/45189 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lkml.org/lkml/2008/8/23/49 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=linux-netdev&m=121928747903176&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31881 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32190 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32393 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/4210 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2008/dsa-1636 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/08/25/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/08/26/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/08/26/8 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/09/26/6 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2008-0857.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/496256/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/31121 | Exploit, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1020854 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.trapkit.de/advisories/TKADV2008-007.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/usn-659-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/45189 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | 2.6.26.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA56669-B09E-42C2-9591-245C46909A2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereference and panic) via vectors that result in calls to (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, or (9) sctp_getsockopt_local_auth_chunks."
},
{
"lang": "es",
"value": "En el archivo net/sctp/socket.c en la implementaci\u00f3n del Stream Control Transmission Protocol (sctp) en el Kernel de Linux anterior a versi\u00f3n 2.6.26.4, no comprueba que la extensi\u00f3n SCTP-AUTH est\u00e9 habilitada antes de proceder con las funciones de la API SCTP-AUTH, lo que permite a atacantes causar una denegaci\u00f3n de servicio (desreferencia del puntero NULL y p\u00e1nico) por medio de vectores que resultan en llamadas a la funci\u00f3n (1) sctp_setsockopt_auth_chunk, (2) sctp_setsockopt_hmac_ident, (3) sctp_setsockopt_auth_key, (4) sctp_setsockopt_active_key, (5) sctp_setsockopt_del_key, (6) sctp_getsockopt_maxburst, (7) sctp_getsockopt_active_key, (8) sctp_getsockopt_peer_auth_chunks, o (9) sctp_getsockopt_local_auth_chunks."
}
],
"id": "CVE-2008-3792",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-03T14:12:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html"
},
{
"source": "cve@mitre.org",
"url": "http://lkml.org/lkml/2008/8/23/49"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31881"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32190"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32393"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/securityalert/4210"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2008/dsa-1636"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/08/25/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/8"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/09/26/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0857.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/496256/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/31121"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020854"
},
{
"source": "cve@mitre.org",
"url": "http://www.trapkit.de/advisories/TKADV2008-007.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-659-1"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5e739d1752aca4e8f3e794d431503bfca3162df4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lkml.org/lkml/2008/8/23/49"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=linux-netdev\u0026m=121928747903176\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/securityalert/4210"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2008/dsa-1636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/08/25/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/08/26/8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/09/26/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0857.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/496256/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/31121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trapkit.de/advisories/TKADV2008-007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-659-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45189"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nIt was addressed in Red Hat Enterprise MRG for RHEL-5 via: https://rhn.redhat.com/errata/RHSA-2008-0857.html",
"lastModified": "2009-01-15T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…