CVE-2016-3707 (GCVE-0-2016-3707)
Vulnerability from cvelistv5 – Published: 2016-06-27 10:00 – Updated: 2024-08-06 00:03- n/a
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2016:1341 | vendor-advisoryx_refsource_REDHAT |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://access.redhat.com/errata/RHSA-2016:1301 | vendor-advisoryx_refsource_REDHAT |
| http://www.openwall.com/lists/oss-security/2016/05/17/1 | mailing-listx_refsource_MLIST |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.redhat.com/show_bug.cgi?id=1327484 | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:03:34.462Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:1341",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1341"
},
{
"name": "SUSE-SU-2016:1985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "RHSA-2016:1301",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1301"
},
{
"name": "[oss-security] 20160517 CVE-2016-3707 : kernel-rt - Sending SysRq command via ICMP echo request",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/17/1"
},
{
"name": "SUSE-SU-2016:1764",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2016:1341",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1341"
},
{
"name": "SUSE-SU-2016:1985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "RHSA-2016:1301",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1301"
},
{
"name": "[oss-security] 20160517 CVE-2016-3707 : kernel-rt - Sending SysRq command via ICMP echo request",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/17/1"
},
{
"name": "SUSE-SU-2016:1764",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-3707",
"datePublished": "2016-06-27T10:00:00.000Z",
"dateReserved": "2016-03-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:03:34.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-3707",
"date": "2026-05-20",
"epss": "0.01788",
"percentile": "0.82963"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel-rt:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.10.0\", \"matchCriteriaId\": \"E86CD217-1B09-4319-8C00-8430767D2A90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2B15608-BABC-4663-A58F-B74BD2D1A734\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36E85B24-30F2-42AB-9F68-8668C0FCC5E3\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2905A9C-3E00-4188-8341-E5C2F62EF405\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n icmp_check_sysrq en net/ipv4/icmp.c en los kernel.org projects/rt patches para el kernel de Linux, tal como se utiliza en el paquete kernel-rt en versiones anteriores a 3.10.0-327.22.1 en Red Hat Enterprise Linux for Real Time 7 y otros productos, permite a atacantes remotos ejecutar comandos SysRq a trav\\u00e9s de paquetes ICMP Echo Request manipulados, como demuestra un ataque de fuerza bruta para descubrir una cookie, o un ataque que ocurra despu\\u00e9s de leer el archivo local icmp_echo_sysrq.\"}]",
"id": "CVE-2016-3707",
"lastModified": "2024-11-21T02:50:32.623",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2016-06-27T10:59:04.563",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/05/17/1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1301\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1341\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1327484\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/05/17/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1301\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1341\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": 
\"https://bugzilla.redhat.com/show_bug.cgi?id=1327484\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-3707\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2016-06-27T10:59:04.563\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n icmp_check_sysrq en net/ipv4/icmp.c en los kernel.org projects/rt patches para el kernel de Linux, tal como se utiliza en el paquete kernel-rt en versiones anteriores a 3.10.0-327.22.1 en Red Hat Enterprise Linux for Real Time 7 y otros productos, permite a atacantes remotos ejecutar comandos SysRq a trav\u00e9s de paquetes ICMP Echo Request manipulados, como demuestra un ataque de fuerza bruta para descubrir una cookie, o un ataque que ocurra despu\u00e9s de leer el archivo local 
icmp_echo_sysrq.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel-rt:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.10.0\",\"matchCriteriaId\":\"E86CD217-1B09-4319-8C00-8430767D2A90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2B15608-BABC-4663-A58F-B74BD2D1A734\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36E85B24-30F2-42AB-9F68-8668C0FCC5E3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:suse_linux_enterprise_re
al_time_extension:12.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2905A9C-3E00-4188-8341-E5C2F62EF405\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/05/17/1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1301\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1341\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1327484\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/05/17/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1301\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:1341\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1327484\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]}]}}"
}
}
CERTFR-2016-AVI-267
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 11-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Debuginfo 11-SP4 |
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Real Time Extension 11-SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Debuginfo 11-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-5829",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
},
{
"name": "CVE-2016-4578",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4578"
},
{
"name": "CVE-2016-4997",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4997"
},
{
"name": "CVE-2016-4805",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4805"
},
{
"name": "CVE-2016-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4470"
},
{
"name": "CVE-2015-7833",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7833"
},
{
"name": "CVE-2016-4485",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4485"
},
{
"name": "CVE-2016-1583",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1583"
},
{
"name": "CVE-2016-5244",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5244"
},
{
"name": "CVE-2016-4486",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4486"
},
{
"name": "CVE-2016-0758",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0758"
},
{
"name": "CVE-2016-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
},
{
"name": "CVE-2016-4913",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4913"
},
{
"name": "CVE-2016-4569",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4569"
},
{
"name": "CVE-2016-3134",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3134"
},
{
"name": "CVE-2016-4580",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4580"
},
{
"name": "CVE-2016-2187",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2187"
},
{
"name": "CVE-2016-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2053"
},
{
"name": "CVE-2016-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3707"
},
{
"name": "CVE-2016-4482",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4482"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2016:1985-1 du 08 ao\u00fbt 2016",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
}
],
"reference": "CERTFR-2016-AVI-267",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-08-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2016:1985-1 du 08 ao\u00fbt 2016",
"url": null
}
]
}
CERTFR-2016-AVI-275
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les noyaux Linux de Red Hat. Elles permettent à un attaquant de provoquer un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop (v. 6), avec un noyau antérieur à la version 2.6.32-642.3.1 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server AUS (v. 7.2), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise MRG v2 pour Red Hat Enterprise Linux (version 6), avec un noyau antérieur à la version 3.10.0-327.rt56.190 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux HPC Node (v. 7), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation (v. 7), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux HPC Node (v. 6), avec un noyau antérieur à la version 2.6.32-642.3.1 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop (v. 7), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (v. 7), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server EUS (v. 6.7.z), avec un noyau antérieur à la version 2.6.32-573.32.1 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (v. 6), avec un noyau antérieur à la version 2.6.32-642.3.1 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server AUS (v. 6.4), avec un noyau antérieur à la version 2.6.32-358.72.1 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server EUS (v. 7.2), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time (v. 7), avec un noyau antérieur à la version 3.10.0-327.22.2.rt56.230 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux HPC Node EUS (v. 7.2), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation (v. 6), avec un noyau antérieur à la version 2.6.32-642.3.1 |
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux Desktop (v. 6), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-642.3.1",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server AUS (v. 7.2), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise MRG v2 pour Red Hat Enterprise Linux (version 6), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.rt56.190",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux HPC Node (v. 7), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Workstation (v. 7), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux HPC Node (v. 6), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-642.3.1",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Desktop (v. 7), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (v. 7), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server EUS (v. 6.7.z), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-573.32.1",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (v. 6), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-642.3.1",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server AUS (v. 6.4), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-358.72.1",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server EUS (v. 7.2), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time (v. 7), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2.rt56.230",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux HPC Node EUS (v. 7.2), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Workstation (v. 6), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-642.3.1",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
},
{
"name": "CVE-2016-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3707"
},
{
"name": "CVE-2016-8767",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8767"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1277-1 du 23 juin 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1277.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1301-1 du 23 juin 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1301.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1489-1 du 26 juillet 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1489.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1406-1 du 12 juillet 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1406.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1581-1 du 09 ao\u00fbt 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1581.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1341-1 du 27 juin 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1341.html"
}
],
"reference": "CERTFR-2016-AVI-275",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-08-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles noyaus Linux de Red Hat\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les noyaux Linux de Red Hat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1301-1 du 23 juin 2016",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1489-1 du 26 juillet 2016",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1277-1 du 23 juin 2016",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1341-1 du 27 juin 2016",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1406-1 du 12 juillet 2016",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1581-1 du 09 ao\u00fbt 2016",
"url": null
}
]
}
CERTFR-2016-AVI-267
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 11-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Debuginfo 11-SP4 |
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Real Time Extension 11-SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Debuginfo 11-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-5829",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
},
{
"name": "CVE-2016-4578",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4578"
},
{
"name": "CVE-2016-4997",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4997"
},
{
"name": "CVE-2016-4805",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4805"
},
{
"name": "CVE-2016-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4470"
},
{
"name": "CVE-2015-7833",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7833"
},
{
"name": "CVE-2016-4485",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4485"
},
{
"name": "CVE-2016-1583",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1583"
},
{
"name": "CVE-2016-5244",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5244"
},
{
"name": "CVE-2016-4486",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4486"
},
{
"name": "CVE-2016-0758",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0758"
},
{
"name": "CVE-2016-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
},
{
"name": "CVE-2016-4913",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4913"
},
{
"name": "CVE-2016-4569",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4569"
},
{
"name": "CVE-2016-3134",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3134"
},
{
"name": "CVE-2016-4580",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4580"
},
{
"name": "CVE-2016-2187",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2187"
},
{
"name": "CVE-2016-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2053"
},
{
"name": "CVE-2016-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3707"
},
{
"name": "CVE-2016-4482",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4482"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2016:1985-1 du 08 ao\u00fbt 2016",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
}
],
"reference": "CERTFR-2016-AVI-267",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-08-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2016:1985-1 du 08 ao\u00fbt 2016",
"url": null
}
]
}
CERTFR-2016-AVI-275
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les noyaux Linux de Red Hat. Elles permettent à un attaquant de provoquer un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop (v. 6), avec un noyau antérieur à la version 2.6.32-642.3.1 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server AUS (v. 7.2), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise MRG v2 pour Red Hat Enterprise Linux (version 6), avec un noyau antérieur à la version 3.10.0-327.rt56.190 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux HPC Node (v. 7), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation (v. 7), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux HPC Node (v. 6), avec un noyau antérieur à la version 2.6.32-642.3.1 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop (v. 7), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (v. 7), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server EUS (v. 6.7.z), avec un noyau antérieur à la version 2.6.32-573.32.1 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (v. 6), avec un noyau antérieur à la version 2.6.32-642.3.1 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server AUS (v. 6.4), avec un noyau antérieur à la version 2.6.32-358.72.1 | ||
| Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server EUS (v. 7.2), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Real Time (v. 7), avec un noyau antérieur à la version 3.10.0-327.22.2.rt56.230 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux HPC Node EUS (v. 7.2), avec un noyau antérieur à la version 3.10.0-327.22.2 | ||
| Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation (v. 6), avec un noyau antérieur à la version 2.6.32-642.3.1 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Red Hat Enterprise Linux Desktop (v. 6), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-642.3.1",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server AUS (v. 7.2), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise MRG v2 pour Red Hat Enterprise Linux (version 6), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.rt56.190",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux HPC Node (v. 7), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Workstation (v. 7), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux HPC Node (v. 6), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-642.3.1",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Desktop (v. 7), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (v. 7), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server EUS (v. 6.7.z), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-573.32.1",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server (v. 6), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-642.3.1",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server AUS (v. 6.4), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-358.72.1",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Server EUS (v. 7.2), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux Server",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux for Real Time (v. 7), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2.rt56.230",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux HPC Node EUS (v. 7.2), avec un noyau ant\u00e9rieur \u00e0 la version 3.10.0-327.22.2",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
},
{
"description": "Red Hat Enterprise Linux Workstation (v. 6), avec un noyau ant\u00e9rieur \u00e0 la version 2.6.32-642.3.1",
"product": {
"name": "Red Hat Enterprise Linux",
"vendor": {
"name": "Red Hat",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
},
{
"name": "CVE-2016-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3707"
},
{
"name": "CVE-2016-8767",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8767"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1277-1 du 23 juin 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1277.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1301-1 du 23 juin 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1301.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1489-1 du 26 juillet 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1489.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1406-1 du 12 juillet 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1406.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1581-1 du 09 ao\u00fbt 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1581.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1341-1 du 27 juin 2016",
"url": "https://rhn.redhat.com/errata/RHSA-2016-1341.html"
}
],
"reference": "CERTFR-2016-AVI-275",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-08-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles noyaux Linux de Red Hat\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les noyaux Linux de Red Hat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1301-1 du 23 juin 2016",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1489-1 du 26 juillet 2016",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1277-1 du 23 juin 2016",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1341-1 du 27 juin 2016",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1406-1 du 12 juillet 2016",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2016:1581-1 du 09 ao\u00fbt 2016",
"url": null
}
]
}
CNVD-2016-03353
Vulnerability from cnvd - Published: 2016-05-19
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: https://www.kernel.org/pub/linux/kernel/projects/rt/4.4/patch-4.4.7-rt16.patch.gz
| Name | Linux kernel-rt |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2016-3707"
}
},
"description": "kernel-rt\u662f\u4e00\u5957\u901a\u8fc7ICMP\u56de\u5e94\u8bf7\u6c42\u53d1\u9001SysRq\u547d\u4ee4\u7684\u5de5\u5177\u3002\r\n\r\nkernel-rt\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684ICMP echo\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u5411\u4e3b\u673a\u53d1\u9001\u4efb\u610fSysRq\u547d\u4ee4\uff0c\u83b7\u53d6cookie\u3002",
"discovererName": "Wade Mealing",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.kernel.org/pub/linux/kernel/projects/rt/4.4/patch-4.4.7-rt16.patch.gz",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-03353",
"openTime": "2016-05-19",
"patchDescription": "kernel-rt\u662f\u4e00\u5957\u901a\u8fc7ICMP\u56de\u5e94\u8bf7\u6c42\u53d1\u9001SysRq\u547d\u4ee4\u7684\u5de5\u5177\u3002\r\n\r\nkernel-rt\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u7279\u5236\u7684ICMP echo\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u5411\u4e3b\u673a\u53d1\u9001\u4efb\u610fSysRq\u547d\u4ee4\uff0c\u83b7\u53d6cookie\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "kernel-rt\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Linux kernel-rt"
},
"referenceLink": "http://www.openwall.com/lists/oss-security/2016/05/17/1",
"serverity": "\u4e2d",
"submitTime": "2016-05-17",
"title": "kernel-rt\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}
FKIE_CVE-2016-3707
Vulnerability from fkie_nvd - Published: 2016-06-27 10:59 - Updated: 2026-05-06 22:30
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel-rt | * | |
| redhat | enterprise_linux_for_real_time | 7 | |
| redhat | enterprise_linux_for_real_time_for_nfv | 7 | |
| novell | suse_linux_enterprise_real_time_extension | 12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel-rt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E86CD217-1B09-4319-8C00-8430767D2A90",
"versionEndIncluding": "3.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*",
"matchCriteriaId": "C2B15608-BABC-4663-A58F-B74BD2D1A734",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*",
"matchCriteriaId": "36E85B24-30F2-42AB-9F68-8668C0FCC5E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "B2905A9C-3E00-4188-8341-E5C2F62EF405",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file."
},
{
"lang": "es",
"value": "La funci\u00f3n icmp_check_sysrq en net/ipv4/icmp.c en los kernel.org projects/rt patches para el kernel de Linux, tal como se utiliza en el paquete kernel-rt en versiones anteriores a 3.10.0-327.22.1 en Red Hat Enterprise Linux for Real Time 7 y otros productos, permite a atacantes remotos ejecutar comandos SysRq a trav\u00e9s de paquetes ICMP Echo Request manipulados, como demuestra un ataque de fuerza bruta para descubrir una cookie, o un ataque que ocurra despu\u00e9s de leer el archivo local icmp_echo_sysrq."
}
],
"id": "CVE-2016-3707",
"lastModified": "2026-05-06T22:30:45.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-27T10:59:04.563",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2016/05/17/1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1301"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1341"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2016/05/17/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-558G-X28C-WMJ6
Vulnerability from github – Published: 2022-05-17 03:42 – Updated: 2022-05-17 03:42
The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.
{
"affected": [],
"aliases": [
"CVE-2016-3707"
],
"database_specific": {
"cwe_ids": [
"CWE-284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-06-27T10:59:00Z",
"severity": "HIGH"
},
"details": "The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.",
"id": "GHSA-558g-x28c-wmj6",
"modified": "2022-05-17T03:42:17Z",
"published": "2022-05-17T03:42:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3707"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2016:1301"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2016:1341"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2016-3707"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2016/05/17/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2016-3707
Vulnerability from gsd - Updated: 2023-12-13 01:21
{
"GSD": {
"alias": "CVE-2016-3707",
"description": "The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.",
"id": "GSD-2016-3707",
"references": [
"https://www.suse.com/security/cve/CVE-2016-3707.html",
"https://access.redhat.com/errata/RHSA-2016:1341",
"https://access.redhat.com/errata/RHSA-2016:1301"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-3707"
],
"details": "The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.",
"id": "GSD-2016-3707",
"modified": "2023-12-13T01:21:27.592974Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-3707",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"name": "http://www.openwall.com/lists/oss-security/2016/05/17/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2016/05/17/1"
},
{
"name": "https://access.redhat.com/errata/RHSA-2016:1301",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2016:1301"
},
{
"name": "https://access.redhat.com/errata/RHSA-2016:1341",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2016:1341"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel-rt:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2016-3707"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160517 CVE-2016-3707 : kernel-rt - Sending SysRq command via ICMP echo request",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2016/05/17/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484"
},
{
"name": "RHSA-2016:1341",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1341"
},
{
"name": "RHSA-2016:1301",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2016:1301"
},
{
"name": "SUSE-SU-2016:1764",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
},
{
"name": "SUSE-SU-2016:1937",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
},
{
"name": "SUSE-SU-2016:1985",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-02-12T23:19Z",
"publishedDate": "2016-06-27T10:59Z"
}
}
}
RHSA-2016:1301
Vulnerability from csaf_redhat - Published: 2016-06-23 16:15 - Updated: 2026-02-26 20:21
A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections from being accepted by the SCTP server running on the system, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the way the realtime kernel processed specially crafted ICMP echo requests. A remote attacker could use this flaw to trigger a SysRq function based on values in the ICMP packet, allowing them to remotely restart the system. Note that this feature is not enabled by default and requires elevated privileges to be configured.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThe following packages have been upgraded to a newer upstream version:\nkernel-rt (3.10.0-327.22.1). This version provides a number of bug fixes\nand enhancements, including:\n\n* [netdrv] ixgbevf: fix spoofed packets with random MAC and use ether_addr_copy instead of memcpy \n* [mm] mmu_notifier: fix memory corruption \n* [mm] hugetlbfs: optimize when NUMA=n \n* [mm] optimize put_mems_allowed() usage \n* [x86] mm: suitable memory should go to ZONE_MOVABLE \n* [fs] xfs: fix splice/direct-IO deadlock \n* [acpi] tables: Add acpi_subtable_proc to ACPI table parsers \n* [acpi] table: Add new function to get table entries \n* [net] ipv6: Nonlocal bind \n* [net] ipv4: bind ip_nonlocal_bind to current netns \n\n(BZ#1335747)\n\nSecurity Fix(es):\n\n* A flaw was found in the way certain interfaces of the Linux kernel\u0027s\nInfiniband subsystem used write() as bi-directional ioctl() replacement,\nwhich could lead to insufficient memory security checks when being invoked\nusing the the splice() system call. A local unprivileged user on a system\nwith either Infiniband hardware present or RDMA Userspace Connection\nManager Access module explicitly loaded, could use this flaw to escalate\ntheir privileges on the system. (CVE-2016-4565, Important)\n\n* A race condition flaw was found in the way the Linux kernel\u0027s SCTP\nimplementation handled sctp_accept() during the processing of heartbeat\ntimeout events. A remote attacker could use this flaw to prevent further\nconnections to be accepted by the SCTP server running on the system,\nresulting in a denial of service. (CVE-2015-8767, Moderate)\n\n* A flaw was found in the way the realtime kernel processed specially\ncrafted ICMP echo requests. A remote attacker could use this flaw to\ntrigger a sysrql function based on values in the ICMP packet, allowing them\nto remotely restart the system. 
Note that this feature is not enabled by\ndefault and requires elevated privileges to be configured. (CVE-2016-3707,\nModerate)\n\nRed Hat would like to thank Jann Horn for reporting CVE-2016-4565.\n\nBug Fix(es):\n\n* Previously, configuration changes to the Hewlett Packard Smart Array\n(HPSA) driver during I/O operations could set the phys_disk pointer to\nNULL. Consequently, kernel oops could occur while the HPSA driver was\nsubmitting ioaccel2 commands. An upstream patch has been provided to fix\nthis bug, and the oops in the hpsa_scsi_ioaccel_raid_map() function no\nlonger occurs. (BZ#1335411)\n\n* In a previous code update one extra spin_lock operation was left\nuntouched. Consequently, a deadlock could occur when looping through cache\npages. With this update, the extra lock operation has been removed from\nthe source code and the deadlock no longer occurs in the described\nsituation. (BZ#1327073)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:1301",
"url": "https://access.redhat.com/errata/RHSA-2016:1301"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1297389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297389"
},
{
"category": "external",
"summary": "1310570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310570"
},
{
"category": "external",
"summary": "1327073",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327073"
},
{
"category": "external",
"summary": "1327484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484"
},
{
"category": "external",
"summary": "1334459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1334459"
},
{
"category": "external",
"summary": "1335747",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335747"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_1301.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2026-02-26T20:21:20+00:00",
"generator": {
"date": "2026-02-26T20:21:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2016:1301",
"initial_release_date": "2016-06-23T16:15:04+00:00",
"revision_history": [
{
"date": "2016-06-23T16:15:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-06-23T16:15:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-26T20:21:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_rt:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Realtime (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_rt:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-kvm-debuginfo@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm-debuginfo@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm-debuginfo@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product": {
"name": "kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_id": "kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-kvm@3.10.0-327.22.2.rt56.230.el7_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"product": {
"name": "kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"product_id": "kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-327.22.2.rt56.230.el7_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"product": {
"name": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"product_id": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.10.0-327.22.2.rt56.230.el7_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src"
},
"product_reference": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch"
},
"product_reference": "kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-NFV-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src"
},
"product_reference": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch"
},
"product_reference": "kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
"product_id": "7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"relates_to_product_reference": "7Server-RT-7.2.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8767",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2015-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1297389"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in the way the Linux kernel\u0027s SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: SCTP denial of service during timeout",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2 and may be addressed in future updates. \n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8767"
},
{
"category": "external",
"summary": "RHBZ#1297389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297389"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8767",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8767"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8767",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8767"
}
],
"release_date": "2015-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-06-23T16:15:04+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1301"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: SCTP denial of service during timeout"
},
{
"cve": "CVE-2016-3707",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"discovery_date": "2016-04-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1327484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the realtime kernel processed specially crafted ICMP echo requests. A remote attacker could use this flaw to trigger a sysrql function based on values in the ICMP packet, allowing them to remotely restart the system. Note that this feature is not enabled by default and requires elevated privileges to be configured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel-rt: Sending SysRq command via ICMP echo request",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 5, 6 and 7.\n\nThis issue affects the Linux kernel-rt packages as shipped with Red Hat Enterprise Linux 7 and MRG-2 and may be addressed in a future update.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3707"
},
{
"category": "external",
"summary": "RHBZ#1327484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3707"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3707",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3707"
}
],
"release_date": "2016-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-06-23T16:15:04+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1301"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel-rt: Sending SysRq command via ICMP echo request"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
]
}
],
"cve": "CVE-2016-4565",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2016-02-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1310570"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way certain interfaces of the Linux kernel\u0027s Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4565"
},
{
"category": "external",
"summary": "RHBZ#1310570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4565"
}
],
"release_date": "2016-05-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-06-23T16:15:04+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1301"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-NFV-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-NFV-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-NFV-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.src",
"7Server-RT-7.2.Z:kernel-rt-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-doc-0:3.10.0-327.22.2.rt56.230.el7_2.noarch",
"7Server-RT-7.2.Z:kernel-rt-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-devel-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64",
"7Server-RT-7.2.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-327.22.2.rt56.230.el7_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko"
}
]
}
RHSA-2016:1341
Vulnerability from csaf_redhat - Published: 2016-06-27 10:02 - Updated: 2026-02-26 20:21
A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections from being accepted by the SCTP server running on the system, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the way the realtime kernel processed specially crafted ICMP echo requests. A remote attacker could use this flaw to trigger a SysRq function based on values in the ICMP packet, allowing them to remotely restart the system. Note that this feature is not enabled by default and requires elevated privileges to be configured.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as a bi-directional ioctl() replacement, which could lead to insufficient memory security checks when invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or the RDMA Userspace Connection Manager Access module explicitly loaded could use this flaw to escalate their privileges on the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 | — |
Vendor Fix
fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise MRG 2.5.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt package contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update provides a build of the kernel-rt package for Red Hat\nEnterprise MRG 2.5 that is layered on Red Hat Enterprise Linux 6, and\nprovides a number of bug fixes including:\n\n* [netdrv] ixgbevf: fix spoofed packets with random MAC and use ether_addr_copy instead of memcpy \n* [mm] mmu_notifier: fix memory corruption \n* [mm] hugetlbfs: optimize when NUMA=n \n* [mm] optimize put_mems_allowed() usage \n* [x86] mm: suitable memory should go to ZONE_MOVABLE \n* [fs] xfs: fix splice/direct-IO deadlock \n* [acpi] tables: Add acpi_subtable_proc to ACPI table parsers \n* [acpi] table: Add new function to get table entries \n* [net] ipv6: Nonlocal bind \n* [net] ipv4: bind ip_nonlocal_bind to current netns \n\n(BZ#1332298)\n\nSecurity Fix(es):\n\n* A flaw was found in the way certain interfaces of the Linux kernel\u0027s\nInfiniband subsystem used write() as bi-directional ioctl() replacement,\nwhich could lead to insufficient memory security checks when being invoked\nusing the splice() system call. A local unprivileged user on a system\nwith either Infiniband hardware present or RDMA Userspace Connection\nManager Access module explicitly loaded, could use this flaw to escalate\ntheir privileges on the system. (CVE-2016-4565, Important)\n\n* A race condition flaw was found in the way the Linux kernel\u0027s SCTP\nimplementation handled sctp_accept() during the processing of heartbeat\ntimeout events. A remote attacker could use this flaw to prevent further\nconnections to be accepted by the SCTP server running on the system,\nresulting in a denial of service. (CVE-2015-8767, Moderate)\n\n* A flaw was found in the way the realtime kernel processed specially\ncrafted ICMP echo requests. A remote attacker could use this flaw to\ntrigger a sysrql function based on values in the ICMP packet, allowing them\nto remotely restart the system. Note that this feature is not enabled by\ndefault and requires elevated privileges to be configured. (CVE-2016-3707,\nModerate)\n\nRed Hat would like to thank Jann Horn for reporting CVE-2016-4565.\n\nBug Fix(es):\n\n* An oops can occur in the hpsa driver while submitting ioaccel2 commands\nwhen the phys_disk pointer is NULL (in hpsa_scsi_ioaccel_raid_map).\nConfiguration changes during I/O operations could set the phys_disk\npointer to NULL. In this case, send the command down the RAID path for\ncorrect processing, avoiding the oops. (BZ#1334260)\n\n* A faulty code merge left an extra spin_lock operation in the function\nfscache_invalidate_write(). The code has been correctly updated to remove\nthis extra lock operation, which avoids a potential deadlock situation\nwhen looping through cache pages. (BZ#1327730)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:1341",
"url": "https://access.redhat.com/errata/RHSA-2016:1341"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1297389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297389"
},
{
"category": "external",
"summary": "1310570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310570"
},
{
"category": "external",
"summary": "1327484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484"
},
{
"category": "external",
"summary": "1327730",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327730"
},
{
"category": "external",
"summary": "1332298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332298"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_1341.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2026-02-26T20:21:22+00:00",
"generator": {
"date": "2026-02-26T20:21:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2016:1341",
"initial_release_date": "2016-06-27T10:02:50+00:00",
"revision_history": [
{
"date": "2016-06-27T10:02:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-06-27T10:02:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-26T20:21:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
"product": {
"name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise MRG for RHEL-6"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@3.10.0-327.rt56.190.el6rt?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"product": {
"name": "kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"product_id": "kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-firmware@3.10.0-327.rt56.190.el6rt?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"product": {
"name": "kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"product_id": "kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-327.rt56.190.el6rt?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"product": {
"name": "kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"product_id": "kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.10.0-327.rt56.190.el6rt?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-1:3.10.0-327.rt56.190.el6rt.src as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src"
},
"product_reference": "kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch"
},
"product_reference": "kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch"
},
"product_reference": "kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8767",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2015-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1297389"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in the way the Linux kernel\u0027s SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections from being accepted by the SCTP server running on the system, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: SCTP denial of service during timeout",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2 and may be addressed in future updates. \n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8767"
},
{
"category": "external",
"summary": "RHBZ#1297389",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297389"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8767",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8767"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8767",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8767"
}
],
"release_date": "2015-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-06-27T10:02:50+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1341"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: SCTP denial of service during timeout"
},
{
"cve": "CVE-2016-3707",
"cwe": {
"id": "CWE-312",
"name": "Cleartext Storage of Sensitive Information"
},
"discovery_date": "2016-04-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1327484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the realtime kernel processed specially crafted ICMP echo requests. A remote attacker could use this flaw to trigger a SysRq function based on values in the ICMP packet, allowing them to remotely restart the system. Note that this feature is not enabled by default and requires elevated privileges to be configured.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel-rt: Sending SysRq command via ICMP echo request",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 5, 6 and 7.\n\nThis issue affects the Linux kernel-rt packages as shipped with Red Hat Enterprise Linux 7 and MRG-2 and may be addressed in a future update.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3707"
},
{
"category": "external",
"summary": "RHBZ#1327484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1327484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3707",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3707"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3707",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3707"
}
],
"release_date": "2016-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-06-27T10:02:50+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1341"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel-rt: Sending SysRq command via ICMP echo request"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
]
}
],
"cve": "CVE-2016-4565",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2016-02-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1310570"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way certain interfaces of the Linux kernel\u0027s Infiniband subsystem used write() as a bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or the RDMA Userspace Connection Manager Access module explicitly loaded could use this flaw to escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4565"
},
{
"category": "external",
"summary": "RHBZ#1310570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4565"
}
],
"release_date": "2016-05-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-06-27T10:02:50+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:1341"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-327.rt56.190.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-327.rt56.190.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-327.rt56.190.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko"
}
]
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.