Vulnerability-Lookup

CVE-2009-1630 (GCVE-0-2009-1630)

Vulnerability from cvelistv5 – Published: 2009-05-14 17:00 – Updated: 2024-08-07 05:20

Summary

The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.

Severity

No CVSS data available.

CWE

Assigner

mitre

References

32 references

URL	Tags
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
http://www.debian.org/security/2009/dsa-1865	vendor-advisoryx_refsource_DEBIAN
http://wiki.rpath.com/Advisories:rPSA-2009-0111	x_refsource_CONFIRM
http://article.gmane.org/gmane.linux.nfs/26592	mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/34934	vdb-entryx_refsource_BID
http://secunia.com/advisories/37471	third-party-advisoryx_refsource_SECUNIA
http://linux-nfs.org/pipermail/nfsv4/2006-Novembe…	mailing-listx_refsource_MLIST
http://www.openwall.com/lists/oss-security/2009/05/13/2	mailing-listx_refsource_MLIST
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
http://secunia.com/advisories/35656	third-party-advisoryx_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://www.debian.org/security/2009/dsa-1844	vendor-advisoryx_refsource_DEBIAN
http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2009/1331	vdb-entryx_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2009-11…	vendor-advisoryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=500297	x_refsource_CONFIRM
http://secunia.com/advisories/35106	third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/505254/100…	mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/507985/100…	mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/36051	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/35298	third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/36327	third-party-advisoryx_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://bugzilla.linux-nfs.org/show_bug.cgi?id=131	x_refsource_CONFIRM
http://www.ubuntu.com/usn/usn-793-1	vendor-advisoryx_refsource_UBUNTU
http://linux-nfs.org/pipermail/nfsv4/2006-Novembe…	mailing-listx_refsource_MLIST
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://www.vupen.com/english/advisories/2009/3316	vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/35394	third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1809	vendor-advisoryx_refsource_DEBIAN
http://secunia.com/advisories/35847	third-party-advisoryx_refsource_SECUNIA

Date Public

2009-05-09 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:20:34.608Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2009:135",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
          },
          {
            "name": "DSA-1865",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1865"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0111"
          },
          {
            "name": "[linux-nfs] 20090509 [NFS] [PATCH] nfs: Fix NFS v4 client handling of MAY_EXEC in nfs_permission.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://article.gmane.org/gmane.linux.nfs/26592"
          },
          {
            "name": "34934",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34934"
          },
          {
            "name": "37471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37471"
          },
          {
            "name": "[nfsv4] 20061116 Status of execute permissions in NFSv4 ACLs ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://linux-nfs.org/pipermail/nfsv4/2006-November/005313.html"
          },
          {
            "name": "[oss-security] 20090513 CVE request: kernel: problem with NFS v4 client handling of MAY_EXEC in nfs_permission",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2009/05/13/2"
          },
          {
            "name": "MDVSA-2009:148",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:148"
          },
          {
            "name": "35656",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35656"
          },
          {
            "name": "oval:org.mitre.oval:def:9990",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9990"
          },
          {
            "name": "DSA-1844",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1844"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
          },
          {
            "name": "ADV-2009-1331",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1331"
          },
          {
            "name": "RHSA-2009:1157",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1157.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=500297"
          },
          {
            "name": "35106",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35106"
          },
          {
            "name": "20090724 rPSA-2009-0111-1 kernel",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/505254/100/0/threaded"
          },
          {
            "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
          },
          {
            "name": "36051",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36051"
          },
          {
            "name": "35298",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35298"
          },
          {
            "name": "36327",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36327"
          },
          {
            "name": "oval:org.mitre.oval:def:8543",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8543"
          },
          {
            "name": "SUSE-SA:2009:031",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.linux-nfs.org/show_bug.cgi?id=131"
          },
          {
            "name": "USN-793-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-793-1"
          },
          {
            "name": "[nfsv4] 20061117 [Patch] Re: Status of execute permissions in NFSv4 ACLs ?",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://linux-nfs.org/pipermail/nfsv4/2006-November/005323.html"
          },
          {
            "name": "SUSE-SA:2009:038",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html"
          },
          {
            "name": "ADV-2009-3316",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3316"
          },
          {
            "name": "35394",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35394"
          },
          {
            "name": "DSA-1809",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1809"
          },
          {
            "name": "35847",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35847"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-05-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDVSA-2009:135",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
        },
        {
          "name": "DSA-1865",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1865"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0111"
        },
        {
          "name": "[linux-nfs] 20090509 [NFS] [PATCH] nfs: Fix NFS v4 client handling of MAY_EXEC in nfs_permission.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://article.gmane.org/gmane.linux.nfs/26592"
        },
        {
          "name": "34934",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34934"
        },
        {
          "name": "37471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37471"
        },
        {
          "name": "[nfsv4] 20061116 Status of execute permissions in NFSv4 ACLs ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://linux-nfs.org/pipermail/nfsv4/2006-November/005313.html"
        },
        {
          "name": "[oss-security] 20090513 CVE request: kernel: problem with NFS v4 client handling of MAY_EXEC in nfs_permission",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2009/05/13/2"
        },
        {
          "name": "MDVSA-2009:148",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:148"
        },
        {
          "name": "35656",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35656"
        },
        {
          "name": "oval:org.mitre.oval:def:9990",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9990"
        },
        {
          "name": "DSA-1844",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1844"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
        },
        {
          "name": "ADV-2009-1331",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1331"
        },
        {
          "name": "RHSA-2009:1157",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1157.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=500297"
        },
        {
          "name": "35106",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35106"
        },
        {
          "name": "20090724 rPSA-2009-0111-1 kernel",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/505254/100/0/threaded"
        },
        {
          "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
        },
        {
          "name": "36051",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36051"
        },
        {
          "name": "35298",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35298"
        },
        {
          "name": "36327",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36327"
        },
        {
          "name": "oval:org.mitre.oval:def:8543",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8543"
        },
        {
          "name": "SUSE-SA:2009:031",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.linux-nfs.org/show_bug.cgi?id=131"
        },
        {
          "name": "USN-793-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-793-1"
        },
        {
          "name": "[nfsv4] 20061117 [Patch] Re: Status of execute permissions in NFSv4 ACLs ?",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://linux-nfs.org/pipermail/nfsv4/2006-November/005323.html"
        },
        {
          "name": "SUSE-SA:2009:038",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html"
        },
        {
          "name": "ADV-2009-3316",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3316"
        },
        {
          "name": "35394",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35394"
        },
        {
          "name": "DSA-1809",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1809"
        },
        {
          "name": "35847",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35847"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-1630",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2009:135",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:135"
            },
            {
              "name": "DSA-1865",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1865"
            },
            {
              "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0111",
              "refsource": "CONFIRM",
              "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0111"
            },
            {
              "name": "[linux-nfs] 20090509 [NFS] [PATCH] nfs: Fix NFS v4 client handling of MAY_EXEC in nfs_permission.",
              "refsource": "MLIST",
              "url": "http://article.gmane.org/gmane.linux.nfs/26592"
            },
            {
              "name": "34934",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34934"
            },
            {
              "name": "37471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37471"
            },
            {
              "name": "[nfsv4] 20061116 Status of execute permissions in NFSv4 ACLs ?",
              "refsource": "MLIST",
              "url": "http://linux-nfs.org/pipermail/nfsv4/2006-November/005313.html"
            },
            {
              "name": "[oss-security] 20090513 CVE request: kernel: problem with NFS v4 client handling of MAY_EXEC in nfs_permission",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2009/05/13/2"
            },
            {
              "name": "MDVSA-2009:148",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:148"
            },
            {
              "name": "35656",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35656"
            },
            {
              "name": "oval:org.mitre.oval:def:9990",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9990"
            },
            {
              "name": "DSA-1844",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1844"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
            },
            {
              "name": "ADV-2009-1331",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1331"
            },
            {
              "name": "RHSA-2009:1157",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1157.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=500297",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=500297"
            },
            {
              "name": "35106",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35106"
            },
            {
              "name": "20090724 rPSA-2009-0111-1 kernel",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/505254/100/0/threaded"
            },
            {
              "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
            },
            {
              "name": "36051",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36051"
            },
            {
              "name": "35298",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35298"
            },
            {
              "name": "36327",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36327"
            },
            {
              "name": "oval:org.mitre.oval:def:8543",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8543"
            },
            {
              "name": "SUSE-SA:2009:031",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"
            },
            {
              "name": "http://bugzilla.linux-nfs.org/show_bug.cgi?id=131",
              "refsource": "CONFIRM",
              "url": "http://bugzilla.linux-nfs.org/show_bug.cgi?id=131"
            },
            {
              "name": "USN-793-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-793-1"
            },
            {
              "name": "[nfsv4] 20061117 [Patch] Re: Status of execute permissions in NFSv4 ACLs ?",
              "refsource": "MLIST",
              "url": "http://linux-nfs.org/pipermail/nfsv4/2006-November/005323.html"
            },
            {
              "name": "SUSE-SA:2009:038",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html"
            },
            {
              "name": "ADV-2009-3316",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3316"
            },
            {
              "name": "35394",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35394"
            },
            {
              "name": "DSA-1809",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1809"
            },
            {
              "name": "35847",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35847"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-1630",
    "datePublished": "2009-05-14T17:00:00.000Z",
    "dateReserved": "2009-05-14T00:00:00.000Z",
    "dateUpdated": "2024-08-07T05:20:34.608Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2009-1630",
      "date": "2026-06-03",
      "epss": "0.00109",
      "percentile": "0.28901"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.6.29.3\", \"matchCriteriaId\": \"F8F01798-4A0A-405B-A70E-C858868A49E0\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B42AB65-443B-4655-BAEA-4EB4A43D9509\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F92AB32-E7DE-43F4-B877-1F41FA162EC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C757774-08E7-40AA-B532-6F705C8F7639\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0507E91-567A-41D6-A7E5-5088A39F75FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4747CC68-FAF4-482F-929A-9DA6C24CB663\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5D026D0-EF78-438D-BEDD-FC8571F3ACEB\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esx:2.5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ECFD8D25-7FDF-48DF-8728-5875C44FFB53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esx:3.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"902BA958-06AA-4EDF-9F9E-1030083EA361\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFF29100-E124-4416-95CF-18B4246D43F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC337BB7-9A45-4406-A783-851F279130EE\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n nfs_permission en fs/nfs/dir.c en la implementaci\\u00f3n cliente  NFS en Linux kernel v2.6.29.3 y versiones anteriores, cuando atomic_open est\\u00e1 activo, no comprueba la ejecuci\\u00f3n (tambi\\u00e9n conocido como EXEC or MAY_EXEC) de permisos de bits, lo cual permite a usuarios locales evitar permisos y ejecutar ficheros, como lo demostrado por ficheros en un servidor de ficheros NFSv4.\"}]",
      "id": "CVE-2009-1630",
      "lastModified": "2024-11-21T01:02:56.680",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.4, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2009-05-14T17:30:00.780",
      "references": "[{\"url\": \"http://article.gmane.org/gmane.linux.nfs/26592\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://bugzilla.linux-nfs.org/show_bug.cgi?id=131\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://linux-nfs.org/pipermail/nfsv4/2006-November/005313.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://linux-nfs.org/pipermail/nfsv4/2006-November/005323.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/35106\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/35298\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/35394\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/35656\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/35847\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/36051\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/36327\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/37471\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2009-0111\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.debian.org/security/2009/dsa-1809\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2009/dsa-1844\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2009/dsa-1865\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2009:135\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2009:148\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/05/13/2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2009-1157.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/505254/100/0/threaded\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/507985/100/0/threaded\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/34934\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/usn-793-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2009-0016.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1331\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3316\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=500297\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8543\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9990\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://article.gmane.org/gmane.linux.nfs/26592\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://bugzilla.linux-nfs.org/show_bug.cgi?id=131\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://linux-nfs.org/pipermail/nfsv4/2006-November/005313.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://linux-nfs.org/pipermail/nfsv4/2006-November/005323.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/35106\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/35298\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/35394\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/35656\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/35847\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/36051\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/36327\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/37471\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://wiki.rpath.com/Advisories:rPSA-2009-0111\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.debian.org/security/2009/dsa-1809\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2009/dsa-1844\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2009/dsa-1865\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2009:135\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2009:148\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2009/05/13/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2009-1157.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/505254/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/507985/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/34934\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/usn-793-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vmware.com/security/advisories/VMSA-2009-0016.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1331\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/3316\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=500297\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8543\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9990\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vendorComments": "[{\"organization\": \"Red Hat\", \"comment\": \"This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, and 3.\\n\\nIt was addressed in Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2009-1132.html , https://rhn.redhat.com/errata/RHSA-2009-1106.html , and https://rhn.redhat.com/errata/RHSA-2009-1157.html .\", \"lastModified\": \"2009-09-10T00:00:00\"}]",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-1630\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-05-14T17:30:00.780\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n nfs_permission en fs/nfs/dir.c en la implementaci\u00f3n cliente  NFS en Linux kernel v2.6.29.3 y versiones anteriores, cuando atomic_open est\u00e1 activo, no comprueba la ejecuci\u00f3n (tambi\u00e9n conocido como EXEC or MAY_EXEC) de permisos de bits, lo cual permite a usuarios locales evitar permisos y ejecutar ficheros, como lo demostrado por ficheros en un servidor de ficheros NFSv4.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.6.29.3\",\"matchCriteriaId\":\"F8F01798-4A0A-405B-A70E-C858868A49E0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B42AB65-443B-4655-BAEA-4EB4A43D9509\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F92AB32-E7DE-43F4-B877-1F41FA162EC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C757774-08E7-40AA-B532-6F705C8F7639\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0507E91-567A-41D6-A7E5-5088A39F75FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4747CC68-FAF4-482F-929A-9DA6C24CB663\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5D026D0-EF78-438D-BEDD-FC8571F3ACEB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esx:2.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECFD8D25-7FDF-48DF-8728-5875C44FFB53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esx:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"902BA958-06AA-4EDF-9F9E-1030083EA361\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFF29100-E124-4416-95CF-18B4246D43F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC337BB7-9A45-4406-A783-851F279130EE\"}]}]}],\"references\":[{\"url\":\"http://article.gmane.org/gmane.linux.nfs/26592\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://bugzilla.linux-nfs.org/show_bug.cgi?id=131\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://linux-nfs.org/pipermail/nfsv4/2006-November/005313.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://linux-nfs.org/pipermail/nfsv4/2006-November/005323.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/35106\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/35298\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/35394\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/35656\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/35847\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/36051\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/36327\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/37471\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2009-0111\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1809\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1844\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1865\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:135\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:148\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/05/13/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-1157.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/505254/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/507985/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/34934\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-793-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2009-0016.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1331\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3316\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=500297\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8543\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9990\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://article.gmane.org/gmane.linux.nfs/26592\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://bugzilla.linux-nfs.org/show_bug.cgi?id=131\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://linux-nfs.org/pipermail/nfsv4/2006-November/005313.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://linux-nfs.org/pipermail/nfsv4/2006-November/005323.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/35106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/35298\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/35394\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/35656\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/35847\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/36051\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/36327\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/37471\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2009-0111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1809\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1844\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1865\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:135\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2009:148\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/05/13/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-1157.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/archive/1/505254/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/507985/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/34934\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-793-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2009-0016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1331\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/3316\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=500297\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8543\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9990\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, and 3.\\n\\nIt was addressed in Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2009-1132.html , https://rhn.redhat.com/errata/RHSA-2009-1106.html , and https://rhn.redhat.com/errata/RHSA-2009-1157.html .\",\"lastModified\":\"2009-09-10T00:00:00\"}]}}"
  }
}

RHSA-2009_1157

Vulnerability from csaf_redhat - Published: 2009-07-14 19:11 - Updated: 2024-11-22 03:12

Summary

Red Hat Security Advisory: kernel-rt security and bug fix update

Severity

Important

Notes

Topic: Updated kernel-rt packages that fix several security issues and various bugs are now available for Red Hat Enterprise MRG 1.1. This update has been rated as having important security impact by the Red Hat Security Response Team.

Details: The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. Security fixes: * a flaw was found in the Intel PRO/1000 network driver in the Linux kernel. Frames with sizes near the MTU of an interface may be split across multiple hardware receive descriptors. Receipt of such a frame could leak through a validation check, leading to a corruption of the length check. A remote attacker could use this flaw to send a specially-crafted packet that would cause a denial of service or code execution. (CVE-2009-1385, Important) * Michael Tokarev reported a flaw in the Realtek r8169 Ethernet driver in the Linux kernel. This driver allowed interfaces using this driver to receive frames larger than what could be handled. This could lead to a remote denial of service or code execution. (CVE-2009-1389, Important) * several flaws were found in the way the Linux kernel CIFS implementation handles Unicode strings. CIFS clients convert Unicode strings sent by a server to their local character sets, and then write those strings into memory. If a malicious server sent a long enough string, it could write past the end of the target memory region and corrupt other memory areas, possibly leading to a denial of service or privilege escalation on the client mounting the CIFS share. (CVE-2009-1633, Important) * Frank Filz reported the NFSv4 client was missing a file permission check for the execute bit in some situations. This could allow local, unprivileged users to run non-executable files on NFSv4 mounted file systems. (CVE-2009-1630, Moderate) * a deadlock flaw was found in the Linux kernel splice implementation. This deadlock could occur during interactions between the generic_file_splice_write() and splice_from_pipe() functions, possibly leading to a partial denial of service on the file system partition where the deadlock occurs. (CVE-2009-1961, Moderate) Bug fixes: * a stack buffer used by get_event_name() was not large enough to accommodate the nul terminator that sprintf() writes. In some cases, this could lead to an invalid pointer or a kernel panic. With this update, the function is modified to allow space for the nul terminator. (BZ#503902) * free_bootmem() was hard-coded to use node 0. This could have caused a kernel panic during boot on a NUMA system that happens to boot on a node other than node 0. With this update, free_bootmem() acts on the current node, resolving this issue. (BZ#503048) * CPU flag mishandling caused TSC clocksource synchronization to fail (TSC was marked unstable) on the Intel® microarchitecture (Nehalem). In addition, TSC clocksource checks added to the 64-bit kernel code are now present for i386 systems. Also, "/proc/cpuinfo" now shows TSC-related flags. (BZ#50289, BZ#508756) * barriers are used to make sure delayed work requested from threads is processed before continuing. run_workqueue(), however, exited before processing all barriers, causing threads to wait forever. In a reported case, this bug caused missing path issues for Device Mapper Multipathing. (BZ#504133) * calling pipe() with an invalid address caused a file descriptor leak. (BZ#509629) * the code to add "/dev/rtc" contained a printk statement without a log level prefix. (BZ#510099) * an extra check has been added to the realtime kernel to avoid a rare corruption of the FPU (Floating Point Unit) stack, which could occur if a task using FPU registers was preempted by an interruption. (BZ#509359) * fix a boot-up problem on HP ProLiant SL2x170z G6 and similar systems by adding Intel ICH10 controllers back to the ata_piix driver. (BZ#508783) * converts a UID comparison in AGP to a more secure capability check. By default, "/dev/agpgart" is accessible only to the root user. (BZ#505493) Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2009-1385

Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.

7.1 ()


                        
                          AV:N/AC:M/Au:N/C:N/I:N/A:C

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2009-1389

Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.

6.1 ()


                        
                          AV:A/AC:L/Au:N/C:N/I:N/A:C

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2009-1630

2.1 ()


                        
                          AV:L/AC:L/Au:N/C:N/I:P/A:N

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2009-1633

Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c.

7.1 ()


                        
                          AV:N/AC:M/Au:N/C:N/I:N/A:C

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix

Threats

Impact Important

CVE-2009-1961

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.

2.1 ()


                        
                          AV:L/AC:L/Au:N/C:N/I:N/A:P

Affected products

Fixed 28 products

Product	Version	Remediation
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686	—	Vendor Fix fix
Unresolved product id: 5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

References

35 references

URL	Category
https://access.redhat.com/errata/RHSA-2009:1157	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=496572	external
https://bugzilla.redhat.com/show_bug.cgi?id=500297	external
https://bugzilla.redhat.com/show_bug.cgi?id=502893	external
https://bugzilla.redhat.com/show_bug.cgi?id=502981	external
https://bugzilla.redhat.com/show_bug.cgi?id=503048	external
https://bugzilla.redhat.com/show_bug.cgi?id=503474	external
https://bugzilla.redhat.com/show_bug.cgi?id=503902	external
https://bugzilla.redhat.com/show_bug.cgi?id=504133	external
https://bugzilla.redhat.com/show_bug.cgi?id=504726	external
https://bugzilla.redhat.com/show_bug.cgi?id=505493	external
https://bugzilla.redhat.com/show_bug.cgi?id=509629	external
https://bugzilla.redhat.com/show_bug.cgi?id=510099	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2009-1385	self
https://bugzilla.redhat.com/show_bug.cgi?id=502981	external
https://www.cve.org/CVERecord?id=CVE-2009-1385	external
https://nvd.nist.gov/vuln/detail/CVE-2009-1385	external
https://access.redhat.com/security/cve/CVE-2009-1389	self
https://bugzilla.redhat.com/show_bug.cgi?id=504726	external
https://www.cve.org/CVERecord?id=CVE-2009-1389	external
https://nvd.nist.gov/vuln/detail/CVE-2009-1389	external
https://access.redhat.com/security/cve/CVE-2009-1630	self
https://bugzilla.redhat.com/show_bug.cgi?id=500297	external
https://www.cve.org/CVERecord?id=CVE-2009-1630	external
https://nvd.nist.gov/vuln/detail/CVE-2009-1630	external
https://access.redhat.com/security/cve/CVE-2009-1633	self
https://bugzilla.redhat.com/show_bug.cgi?id=496572	external
https://www.cve.org/CVERecord?id=CVE-2009-1633	external
https://nvd.nist.gov/vuln/detail/CVE-2009-1633	external
https://access.redhat.com/security/cve/CVE-2009-1961	self
https://bugzilla.redhat.com/show_bug.cgi?id=503474	external
https://www.cve.org/CVERecord?id=CVE-2009-1961	external
https://nvd.nist.gov/vuln/detail/CVE-2009-1961	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated kernel-rt packages that fix several security issues and various\nbugs are now available for Red Hat Enterprise MRG 1.1.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes:\n\n* a flaw was found in the Intel PRO/1000 network driver in the Linux\nkernel. Frames with sizes near the MTU of an interface may be split across\nmultiple hardware receive descriptors. Receipt of such a frame could leak\nthrough a validation check, leading to a corruption of the length check. A\nremote attacker could use this flaw to send a specially-crafted packet that\nwould cause a denial of service or code execution. (CVE-2009-1385,\nImportant)\n\n* Michael Tokarev reported a flaw in the Realtek r8169 Ethernet driver in\nthe Linux kernel. This driver allowed interfaces using this driver to\nreceive frames larger than what could be handled. This could lead to a\nremote denial of service or code execution. (CVE-2009-1389, Important)\n\n* several flaws were found in the way the Linux kernel CIFS implementation\nhandles Unicode strings. CIFS clients convert Unicode strings sent by a\nserver to their local character sets, and then write those strings into\nmemory. If a malicious server sent a long enough string, it could write\npast the end of the target memory region and corrupt other memory areas,\npossibly leading to a denial of service or privilege escalation on the\nclient mounting the CIFS share. (CVE-2009-1633, Important)\n\n* Frank Filz reported the NFSv4 client was missing a file permission check\nfor the execute bit in some situations. This could allow local,\nunprivileged users to run non-executable files on NFSv4 mounted file\nsystems. (CVE-2009-1630, Moderate)\n\n* a deadlock flaw was found in the Linux kernel splice implementation. This\ndeadlock could occur during interactions between the\ngeneric_file_splice_write() and splice_from_pipe() functions, possibly\nleading to a partial denial of service on the file system partition where\nthe deadlock occurs. (CVE-2009-1961, Moderate)\n\nBug fixes:\n\n* a stack buffer used by get_event_name() was not large enough to\naccommodate the nul terminator that sprintf() writes. In some cases, this\ncould lead to an invalid pointer or a kernel panic. With this update, the\nfunction is modified to allow space for the nul terminator. (BZ#503902)\n\n* free_bootmem() was hard-coded to use node 0. This could have caused a\nkernel panic during boot on a NUMA system that happens to boot on a node\nother than node 0. With this update, free_bootmem() acts on the current\nnode, resolving this issue. (BZ#503048)\n\n* CPU flag mishandling caused TSC clocksource synchronization to fail (TSC\nwas marked unstable) on the Intel\u00ae microarchitecture (Nehalem). In\naddition, TSC clocksource checks added to the 64-bit kernel code are now\npresent for i386 systems. Also, \"/proc/cpuinfo\" now shows TSC-related\nflags. (BZ#50289, BZ#508756)\n\n* barriers are used to make sure delayed work requested from threads is\nprocessed before continuing. run_workqueue(), however, exited before\nprocessing all barriers, causing threads to wait forever. In a reported\ncase, this bug caused missing path issues for Device Mapper Multipathing.\n(BZ#504133)\n\n* calling pipe() with an invalid address caused a file descriptor leak.\n(BZ#509629)\n\n* the code to add \"/dev/rtc\" contained a printk statement without a log\nlevel prefix. (BZ#510099)\n\n* an extra check has been added to the realtime kernel to avoid a rare\ncorruption of the FPU (Floating Point Unit) stack, which could occur if a\ntask using FPU registers was preempted by an interruption. (BZ#509359)\n\n* fix a boot-up problem on HP ProLiant SL2x170z G6 and similar systems by\nadding Intel ICH10 controllers back to the ata_piix driver. (BZ#508783)\n\n* converts a UID comparison in AGP to a more secure capability check. By\ndefault, \"/dev/agpgart\" is accessible only to the root user. (BZ#505493)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2009:1157",
        "url": "https://access.redhat.com/errata/RHSA-2009:1157"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "496572",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=496572"
      },
      {
        "category": "external",
        "summary": "500297",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=500297"
      },
      {
        "category": "external",
        "summary": "502893",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502893"
      },
      {
        "category": "external",
        "summary": "502981",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502981"
      },
      {
        "category": "external",
        "summary": "503048",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503048"
      },
      {
        "category": "external",
        "summary": "503474",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503474"
      },
      {
        "category": "external",
        "summary": "503902",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503902"
      },
      {
        "category": "external",
        "summary": "504133",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=504133"
      },
      {
        "category": "external",
        "summary": "504726",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=504726"
      },
      {
        "category": "external",
        "summary": "505493",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=505493"
      },
      {
        "category": "external",
        "summary": "509629",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=509629"
      },
      {
        "category": "external",
        "summary": "510099",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=510099"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1157.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
    "tracking": {
      "current_release_date": "2024-11-22T03:12:59+00:00",
      "generator": {
        "date": "2024-11-22T03:12:59+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2009:1157",
      "initial_release_date": "2009-07-14T19:11:00+00:00",
      "revision_history": [
        {
          "date": "2009-07-14T19:11:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2009-07-14T15:11:05+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T03:12:59+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "MRG Realtime for RHEL 5 Server",
                "product": {
                  "name": "MRG Realtime for RHEL 5 Server",
                  "product_id": "5Server-MRG-Realtime-1.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_mrg:1::el5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise MRG for RHEL-5"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
                "product": {
                  "name": "kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
                  "product_id": "kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-126.el5rt?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
                "product": {
                  "name": "kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
                  "product_id": "kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-126.el5rt?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
                "product": {
                  "name": "kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
                  "product_id": "kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-doc@2.6.24.7-126.el5rt?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:2.6.24.7-126.el5rt.src",
                "product": {
                  "name": "kernel-rt-0:2.6.24.7-126.el5rt.src",
                  "product_id": "kernel-rt-0:2.6.24.7-126.el5rt.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-126.el5rt?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:2.6.24.7-126.el5rt.src as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src"
        },
        "product_reference": "kernel-rt-0:2.6.24.7-126.el5rt.src",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch"
        },
        "product_reference": "kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686"
        },
        "product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
          "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64",
        "relates_to_product_reference": "5Server-MRG-Realtime-1.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2009-1385",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "discovery_date": "2009-05-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "502981"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: e1000_clean_rx_irq() denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-1385"
        },
        {
          "category": "external",
          "summary": "RHBZ#502981",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502981"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1385",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-1385"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1385",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1385"
        }
      ],
      "release_date": "2007-04-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-07-14T19:11:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1157"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "products": [
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: e1000_clean_rx_irq() denial of service"
    },
    {
      "cve": "CVE-2009-1389",
      "discovery_date": "2009-06-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "504726"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: r8169: fix crash when large packets are received",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-1389"
        },
        {
          "category": "external",
          "summary": "RHBZ#504726",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=504726"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1389",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-1389"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1389",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1389"
        }
      ],
      "release_date": "2009-02-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-07-14T19:11:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1157"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "products": [
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: r8169: fix crash when large packets are received"
    },
    {
      "cve": "CVE-2009-1630",
      "discovery_date": "2009-05-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "500297"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: nfs: fix NFS v4 client handling of MAY_EXEC in nfs_permission",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, and 3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-1630"
        },
        {
          "category": "external",
          "summary": "RHBZ#500297",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=500297"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1630",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-1630"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1630",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1630"
        }
      ],
      "release_date": "2009-05-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-07-14T19:11:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1157"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: nfs: fix NFS v4 client handling of MAY_EXEC in nfs_permission"
    },
    {
      "cve": "CVE-2009-1633",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "discovery_date": "2009-04-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "496572"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: cifs: fix potential buffer overruns when converting unicode strings sent by server",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, and 3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-1633"
        },
        {
          "category": "external",
          "summary": "RHBZ#496572",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=496572"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1633",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-1633"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1633",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1633"
        }
      ],
      "release_date": "2009-04-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-07-14T19:11:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1157"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "products": [
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: cifs: fix potential buffer overruns when converting unicode strings sent by server"
    },
    {
      "cve": "CVE-2009-1961",
      "discovery_date": "2009-06-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "503474"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: splice local denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect versions of Linux kernel as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise Linux MRG 2.\n\nThis issue was fixed in Red Hat Enterprise Linux MRG 1 via https://rhn.redhat.com/errata/RHSA-2009-1157.html.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
          "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
          "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-1961"
        },
        {
          "category": "external",
          "summary": "RHBZ#503474",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=503474"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1961",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-1961"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1961",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1961"
        }
      ],
      "release_date": "2009-04-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-07-14T19:11:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1157"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.src",
            "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-126.el5rt.noarch",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-126.el5rt.x86_64",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.i686",
            "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-126.el5rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: splice local denial of service"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-1630 (GCVE-0-2009-1630)

RHSA-2009_1157

Tags

Sightings

Nomenclature