rhsa-2009_0451
Vulnerability from csaf_redhat
Published: 2009-04-29 09:28
Modified: 2024-11-05 17:04
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
Updated kernel-rt packages that fix several security issues and a bug are
now available for Red Hat Enterprise MRG 1.1.2.

This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.

These updated packages fix the following security issues:

* a logic error was found in the do_setlk() function of the Linux kernel
Network File System (NFS) implementation. If a signal interrupted a lock
request, the local POSIX lock was incorrectly created. This could cause a
denial of service on the NFS server if a file descriptor was closed before
its corresponding lock request returned. (CVE-2008-4307, Important)

* a deficiency was found in the Linux kernel system call auditing
implementation on 64-bit systems. This could allow a local, unprivileged
user to circumvent a system call audit configuration, if that configuration
filtered based on the "syscall" number or arguments.
(CVE-2009-0834, Important)

* Chris Evans reported a deficiency in the Linux kernel secure-computing
implementation on 64-bit systems. This could allow a local, unprivileged
user to bypass intended access restrictions, if those access restriction
filters were based on the "syscall" number or arguments.
(CVE-2009-0835, Important)

* the exit_notify() function in the Linux kernel did not properly reset the
exit signal if a process executed a set user ID (setuid) application before
exiting. This could allow a local, unprivileged user to elevate their
privileges. (CVE-2009-1337, Important)

* Chris Evans reported a deficiency in the Linux kernel signals
implementation. The clone() system call permits the caller to indicate the
signal it wants to receive when its child exits. When clone() is called
with the CLONE_PARENT flag, it permits the caller to clone a new child that
shares the same parent as itself, enabling the indicated signal to be sent
to the caller's parent (instead of the caller), even if the caller's parent
has different real and effective user IDs. This could lead to a denial of
service of the parent. (CVE-2009-0028, Moderate)

* an off-by-two error was found in the set_selection() function of the
Linux kernel. This could allow a local, unprivileged user to cause a denial
of service when making a selection of characters in a UTF-8 console. Note:
physical console access is required to exploit this issue.
(CVE-2009-1046, Low)

These updated packages also fix the following bug:

* the __scsi_device_lookup_by_target() function was always returning the
first matching device, regardless of the state of the device. This meant
that any valid device listed after a deleted device would not be found. The
__scsi_device_lookup_by_target() function was modified so that deleted
devices are skipped, and valid devices are now found. (BZ#495976)

All Red Hat Enterprise MRG users should install this update, which resolves
these issues. For this update to take effect, the system must be rebooted.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:0451" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", 
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Kernel BUG() in locks_remove_flock" }, { "cve": "CVE-2009-0028", "discovery_date": "2009-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "479932" } ], "notes": [ { "category": "description", "text": "The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit.", "title": "Vulnerability description" }, { "category": "summary", "text": "Linux kernel minor signal handling vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", 
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", 
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0028" }, { "category": "external", "summary": "RHBZ#479932", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=479932" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0028", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0028" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0028", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0028" } ], "release_date": "2009-02-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-04-29T09:28:00+00:00", "details": "Before applying this update, make sure that all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", 
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:0451" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", 
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Linux kernel minor signal handling vulnerability" }, { "cve": "CVE-2009-0834", "discovery_date": "2009-03-02T00:00:00+00:00", "ids": [ { 
"system_name": "Red Hat Bugzilla ID", "text": "487990" } ], "notes": [ { "category": "description", "text": "The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: x86-64: syscall-audit: 32/64 syscall hole", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", 
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0834" }, { "category": "external", "summary": "RHBZ#487990", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487990" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0834", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0834" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0834", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0834" } ], "release_date": "2009-02-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-04-29T09:28:00+00:00", "details": "Before applying this update, make sure that all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. 
Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", 
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:0451" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", 
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: x86-64: syscall-audit: 32/64 syscall hole" }, { "cve": "CVE-2009-0835", "discovery_date": "2009-02-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "487255" } ], "notes": [ { "category": "description", "text": "The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a related issue to CVE-2009-0342 and CVE-2009-0343.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: x86-64: seccomp: 32/64 syscall hole", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.", "title": "Statement" }, { 
"category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", 
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-0835" }, { "category": "external", "summary": "RHBZ#487255", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487255" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0835", "url": "https://www.cve.org/CVERecord?id=CVE-2009-0835" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0835", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0835" } ], "release_date": "2009-02-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-04-29T09:28:00+00:00", "details": "Before applying this update, make sure that all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. 
Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", 
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:0451" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", 
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: x86-64: seccomp: 32/64 syscall hole" }, { "cve": "CVE-2009-1046", "discovery_date": "2009-02-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "491787" } ], "notes": [ { "category": "description", "text": "The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an \"off-by-two memory error.\" NOTE: it is not clear whether this issue crosses privilege boundaries.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: utf8 selection memory corruption", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do 
not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", 
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1046" }, { "category": "external", "summary": "RHBZ#491787", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491787" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1046", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1046" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1046", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1046" } ], "release_date": "2009-01-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-04-29T09:28:00+00:00", "details": "Before applying this update, make sure that all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. 
Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", 
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:0451" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", 
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: utf8 selection memory corruption" }, { "cve": "CVE-2009-1337", "discovery_date": "2009-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "493771" } ], "notes": [ { "category": "description", "text": "The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: exit_notify: kill the wrong capable(CAP_KILL) check", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ 
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", 
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-1337" }, { "category": "external", "summary": "RHBZ#493771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=493771" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-1337", "url": "https://www.cve.org/CVERecord?id=CVE-2009-1337" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1337", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1337" } ], "release_date": "2009-02-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2009-04-29T09:28:00+00:00", "details": "Before applying this update, make sure that all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via Red Hat Network. 
Details on how to use the\nRed Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", 
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2009:0451" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-111.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.i686", 
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-111.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-111.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: exit_notify: kill the wrong capable(CAP_KILL) check" } ] }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.