rhsa-2010_0882
Vulnerability from csaf_redhat
Published
2010-11-12 09:36
Modified
2024-11-05 17:23
Summary
Red Hat Security Advisory: kernel security and bug fix update
Notes
Topic
Updated kernel packages that fix several security issues and one bug are
now available for Red Hat Enterprise Linux 3 Extended Life Cycle Support
(ELS).
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
* An array index error was found in the gdth driver in the Linux kernel. A
local user could send a specially-crafted IOCTL request that would cause a
denial of service or, possibly, privilege escalation. (CVE-2009-3080,
Important)
* NULL pointer dereference flaws were found in the r128 driver in the Linux
kernel. Checks to test if the Concurrent Command Engine state was
initialized were missing in private IOCTL functions. An attacker could use
these flaws to cause a local denial of service or escalate their
privileges. (CVE-2009-3620, Important)
* A flaw was found in the Intel PRO/1000 Linux driver, e1000, in the Linux
kernel. A remote attacker using packets larger than the MTU could bypass
the existing fragment check, resulting in partial, invalid frames being
passed to the network stack. This flaw could also possibly be used to
trigger a remote denial of service. (CVE-2009-4536, Important)
* A use-after-free flaw was found in the tcp_rcv_state_process() function
in the Linux kernel TCP/IP protocol suite implementation. If a system using
IPv6 had the IPV6_PKTINFO option set on a listening socket, a remote
attacker could send an IPv6 packet to that system, causing a kernel panic
(denial of service). (CVE-2010-1188, Important)
* When an application has a stack overflow, the stack could silently
overwrite another memory mapped area instead of a segmentation fault
occurring, which could cause an application to execute arbitrary code,
possibly leading to privilege escalation. It is known that the X Window
System server can be used to trigger this flaw. (CVE-2010-2240, Important)
* The compat_alloc_user_space() function in the Linux kernel 32/64-bit
compatibility layer implementation was missing sanity checks. This function
could be abused in other areas of the Linux kernel. On 64-bit systems, a
local, unprivileged user could use this flaw to escalate their privileges.
(CVE-2010-3081, Important)
Red Hat would like to thank the X.Org security team for reporting the
CVE-2010-2240 issue, with upstream acknowledging Rafal Wojtczuk as the
original reporter; and Ben Hawkes for reporting the CVE-2010-3081 issue.
This update also fixes the following bug:
* The RHSA-2009:1550 kernel update introduced a regression that prevented
certain custom kernel modules from loading, failing with "unresolved
symbol" errors. This update corrects this issue, allowing the affected
modules to load as expected. (BZ#556909)
Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kernel packages that fix several security issues and one bug are\nnow available for Red Hat Enterprise Linux 3 Extended Life Cycle Support\n(ELS).\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* An array index error was found in the gdth driver in the Linux kernel. A\nlocal user could send a specially-crafted IOCTL request that would cause a\ndenial of service or, possibly, privilege escalation. (CVE-2009-3080,\nImportant)\n\n* NULL pointer dereference flaws were found in the r128 driver in the Linux\nkernel. Checks to test if the Concurrent Command Engine state was\ninitialized were missing in private IOCTL functions. An attacker could use\nthese flaws to cause a local denial of service or escalate their\nprivileges. (CVE-2009-3620, Important)\n\n* A flaw was found in the Intel PRO/1000 Linux driver, e1000, in the Linux\nkernel. A remote attacker using packets larger than the MTU could bypass\nthe existing fragment check, resulting in partial, invalid frames being\npassed to the network stack. This flaw could also possibly be used to\ntrigger a remote denial of service. (CVE-2009-4536, Important)\n\n* A use-after-free flaw was found in the tcp_rcv_state_process() function\nin the Linux kernel TCP/IP protocol suite implementation. If a system using\nIPv6 had the IPV6_PKTINFO option set on a listening socket, a remote\nattacker could send an IPv6 packet to that system, causing a kernel panic\n(denial of service). (CVE-2010-1188, Important)\n\n* When an application has a stack overflow, the stack could silently\noverwrite another memory mapped area instead of a segmentation fault\noccurring, which could cause an application to execute arbitrary code,\npossibly leading to privilege escalation. It is known that the X Window\nSystem server can be used to trigger this flaw. (CVE-2010-2240, Important)\n\n* The compat_alloc_user_space() function in the Linux kernel 32/64-bit\ncompatibility layer implementation was missing sanity checks. This function\ncould be abused in other areas of the Linux kernel. On 64-bit systems, a\nlocal, unprivileged user could use this flaw to escalate their privileges.\n(CVE-2010-3081, Important)\n\nRed Hat would like to thank the X.Org security team for reporting the\nCVE-2010-2240 issue, with upstream acknowledging Rafal Wojtczuk as the\noriginal reporter; and Ben Hawkes for reporting the CVE-2010-3081 issue.\n\nThis update also fixes the following bug:\n\n* The RHSA-2009:1550 kernel update introduced a regression that prevented\ncertain custom kernel modules from loading, failing with \"unresolved\nsymbol\" errors. This update corrects this issue, allowing the affected\nmodules to load as expected. (BZ#556909)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0882",
"url": "https://access.redhat.com/errata/RHSA-2010:0882"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/kb/docs/DOC-40265",
"url": "https://access.redhat.com/kb/docs/DOC-40265"
},
{
"category": "external",
"summary": "http://www.redhat.com/rhel/server/extended_lifecycle_support/",
"url": "http://www.redhat.com/rhel/server/extended_lifecycle_support/"
},
{
"category": "external",
"summary": "529597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529597"
},
{
"category": "external",
"summary": "539414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=539414"
},
{
"category": "external",
"summary": "552126",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=552126"
},
{
"category": "external",
"summary": "556909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=556909"
},
{
"category": "external",
"summary": "577711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=577711"
},
{
"category": "external",
"summary": "606611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=606611"
},
{
"category": "external",
"summary": "634457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=634457"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0882.json"
}
],
"title": "Red Hat Security Advisory: kernel security and bug fix update",
"tracking": {
"current_release_date": "2024-11-05T17:23:50+00:00",
"generator": {
"date": "2024-11-05T17:23:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2010:0882",
"initial_release_date": "2010-11-12T09:36:00+00:00",
"revision_history": [
{
"date": "2010-11-12T09:36:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-11-12T04:36:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T17:23:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS (v. 3 ELS)",
"product": {
"name": "Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES (v. 3 ELS)",
"product": {
"name": "Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:3::es"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-BOOT-0:2.4.21-66.EL.i386",
"product": {
"name": "kernel-BOOT-0:2.4.21-66.EL.i386",
"product_id": "kernel-BOOT-0:2.4.21-66.EL.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-BOOT@2.4.21-66.EL?arch=i386"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:2.4.21-66.EL.i386",
"product": {
"name": "kernel-doc-0:2.4.21-66.EL.i386",
"product_id": "kernel-doc-0:2.4.21-66.EL.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@2.4.21-66.EL?arch=i386"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.4.21-66.EL.i386",
"product": {
"name": "kernel-debuginfo-0:2.4.21-66.EL.i386",
"product_id": "kernel-debuginfo-0:2.4.21-66.EL.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.4.21-66.EL?arch=i386"
}
}
},
{
"category": "product_version",
"name": "kernel-source-0:2.4.21-66.EL.i386",
"product": {
"name": "kernel-source-0:2.4.21-66.EL.i386",
"product_id": "kernel-source-0:2.4.21-66.EL.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-source@2.4.21-66.EL?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-unsupported-0:2.4.21-66.EL.i686",
"product": {
"name": "kernel-unsupported-0:2.4.21-66.EL.i686",
"product_id": "kernel-unsupported-0:2.4.21-66.EL.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-unsupported@2.4.21-66.EL?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-hugemem-0:2.4.21-66.EL.i686",
"product": {
"name": "kernel-hugemem-0:2.4.21-66.EL.i686",
"product_id": "kernel-hugemem-0:2.4.21-66.EL.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-hugemem@2.4.21-66.EL?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-0:2.4.21-66.EL.i686",
"product": {
"name": "kernel-0:2.4.21-66.EL.i686",
"product_id": "kernel-0:2.4.21-66.EL.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.4.21-66.EL?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"product": {
"name": "kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"product_id": "kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-smp-unsupported@2.4.21-66.EL?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.4.21-66.EL.i686",
"product": {
"name": "kernel-debuginfo-0:2.4.21-66.EL.i686",
"product_id": "kernel-debuginfo-0:2.4.21-66.EL.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.4.21-66.EL?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-smp-0:2.4.21-66.EL.i686",
"product": {
"name": "kernel-smp-0:2.4.21-66.EL.i686",
"product_id": "kernel-smp-0:2.4.21-66.EL.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-smp@2.4.21-66.EL?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"product": {
"name": "kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"product_id": "kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-hugemem-unsupported@2.4.21-66.EL?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-unsupported-0:2.4.21-66.EL.athlon",
"product": {
"name": "kernel-unsupported-0:2.4.21-66.EL.athlon",
"product_id": "kernel-unsupported-0:2.4.21-66.EL.athlon",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-unsupported@2.4.21-66.EL?arch=athlon"
}
}
},
{
"category": "product_version",
"name": "kernel-0:2.4.21-66.EL.athlon",
"product": {
"name": "kernel-0:2.4.21-66.EL.athlon",
"product_id": "kernel-0:2.4.21-66.EL.athlon",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.4.21-66.EL?arch=athlon"
}
}
},
{
"category": "product_version",
"name": "kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"product": {
"name": "kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"product_id": "kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-smp-unsupported@2.4.21-66.EL?arch=athlon"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.4.21-66.EL.athlon",
"product": {
"name": "kernel-debuginfo-0:2.4.21-66.EL.athlon",
"product_id": "kernel-debuginfo-0:2.4.21-66.EL.athlon",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.4.21-66.EL?arch=athlon"
}
}
},
{
"category": "product_version",
"name": "kernel-smp-0:2.4.21-66.EL.athlon",
"product": {
"name": "kernel-smp-0:2.4.21-66.EL.athlon",
"product_id": "kernel-smp-0:2.4.21-66.EL.athlon",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-smp@2.4.21-66.EL?arch=athlon"
}
}
}
],
"category": "architecture",
"name": "athlon"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:2.4.21-66.EL.src",
"product": {
"name": "kernel-0:2.4.21-66.EL.src",
"product_id": "kernel-0:2.4.21-66.EL.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.4.21-66.EL?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.4.21-66.EL.athlon as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-0:2.4.21-66.EL.athlon"
},
"product_reference": "kernel-0:2.4.21-66.EL.athlon",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.4.21-66.EL.src as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-0:2.4.21-66.EL.src"
},
"product_reference": "kernel-0:2.4.21-66.EL.src",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-BOOT-0:2.4.21-66.EL.i386 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386"
},
"product_reference": "kernel-BOOT-0:2.4.21-66.EL.i386",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.4.21-66.EL.athlon as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon"
},
"product_reference": "kernel-debuginfo-0:2.4.21-66.EL.athlon",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.4.21-66.EL.i386 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386"
},
"product_reference": "kernel-debuginfo-0:2.4.21-66.EL.i386",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-debuginfo-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:2.4.21-66.EL.i386 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386"
},
"product_reference": "kernel-doc-0:2.4.21-66.EL.i386",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-hugemem-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-hugemem-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-hugemem-unsupported-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-smp-0:2.4.21-66.EL.athlon as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon"
},
"product_reference": "kernel-smp-0:2.4.21-66.EL.athlon",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-smp-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-smp-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-smp-unsupported-0:2.4.21-66.EL.athlon as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon"
},
"product_reference": "kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-smp-unsupported-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-0:2.4.21-66.EL.i386 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-source-0:2.4.21-66.EL.i386"
},
"product_reference": "kernel-source-0:2.4.21-66.EL.i386",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-unsupported-0:2.4.21-66.EL.athlon as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon"
},
"product_reference": "kernel-unsupported-0:2.4.21-66.EL.athlon",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-unsupported-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux AS (v. 3 ELS)",
"product_id": "3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-unsupported-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3AS-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.4.21-66.EL.athlon as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-0:2.4.21-66.EL.athlon"
},
"product_reference": "kernel-0:2.4.21-66.EL.athlon",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.4.21-66.EL.src as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-0:2.4.21-66.EL.src"
},
"product_reference": "kernel-0:2.4.21-66.EL.src",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-BOOT-0:2.4.21-66.EL.i386 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386"
},
"product_reference": "kernel-BOOT-0:2.4.21-66.EL.i386",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.4.21-66.EL.athlon as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon"
},
"product_reference": "kernel-debuginfo-0:2.4.21-66.EL.athlon",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.4.21-66.EL.i386 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386"
},
"product_reference": "kernel-debuginfo-0:2.4.21-66.EL.i386",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-debuginfo-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:2.4.21-66.EL.i386 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386"
},
"product_reference": "kernel-doc-0:2.4.21-66.EL.i386",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-hugemem-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-hugemem-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-hugemem-unsupported-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-smp-0:2.4.21-66.EL.athlon as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon"
},
"product_reference": "kernel-smp-0:2.4.21-66.EL.athlon",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-smp-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-smp-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-smp-unsupported-0:2.4.21-66.EL.athlon as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon"
},
"product_reference": "kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-smp-unsupported-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-0:2.4.21-66.EL.i386 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-source-0:2.4.21-66.EL.i386"
},
"product_reference": "kernel-source-0:2.4.21-66.EL.i386",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-unsupported-0:2.4.21-66.EL.athlon as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon"
},
"product_reference": "kernel-unsupported-0:2.4.21-66.EL.athlon",
"relates_to_product_reference": "3ES-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-unsupported-0:2.4.21-66.EL.i686 as a component of Red Hat Enterprise Linux ES (v. 3 ELS)",
"product_id": "3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
},
"product_reference": "kernel-unsupported-0:2.4.21-66.EL.i686",
"relates_to_product_reference": "3ES-ELS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3080",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2009-11-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "539414"
}
],
"notes": [
{
"category": "description",
"text": "Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: gdth: Prevent negative offsets in ioctl",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3080"
},
{
"category": "external",
"summary": "RHBZ#539414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=539414"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3080",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3080"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3080",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3080"
}
],
"release_date": "2009-11-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-11-12T09:36:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0882"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: gdth: Prevent negative offsets in ioctl"
},
{
"cve": "CVE-2009-3620",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2009-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "529597"
}
],
"notes": [
{
"category": "description",
"text": "The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3620"
},
{
"category": "external",
"summary": "RHBZ#529597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3620"
}
],
"release_date": "2009-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-11-12T09:36:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0882"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised"
},
{
"cve": "CVE-2009-4536",
"discovery_date": "2009-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "552126"
}
],
"notes": [
{
"category": "description",
"text": "drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: e1000 issue reported at 26c3",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-4536"
},
{
"category": "external",
"summary": "RHBZ#552126",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=552126"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-4536",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-4536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-4536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4536"
}
],
"release_date": "2009-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-11-12T09:36:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0882"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:C",
"version": "2.0"
},
"products": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: e1000 issue reported at 26c3"
},
{
"cve": "CVE-2010-1188",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2010-03-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "577711"
}
],
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kernel 2.6 before 2.6.20, when IPV6_RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service (kernel panic) via a SYN packet while the socket is in a listening (TCP_LISTEN) state, which is not properly handled and causes the skb structure to be freed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ipv6: skb is unexpectedly freed",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise MRG, as it was fixed since version v2.6.20-rc6.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-1188"
},
{
"category": "external",
"summary": "RHBZ#577711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=577711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1188"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1188",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1188"
}
],
"release_date": "2007-01-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-11-12T09:36:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0882"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: ipv6: skb is unexpectedly freed"
},
{
"acknowledgments": [
{
"names": [
"X.Org security team"
]
},
{
"names": [
"Rafal Wojtczuk"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2010-2240",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2010-06-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "606611"
}
],
"notes": [
{
"category": "description",
"text": "The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mm: keep a guard page below a grow-down stack segment",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-2240"
},
{
"category": "external",
"summary": "RHBZ#606611",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=606611"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-2240",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-2240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2240"
}
],
"release_date": "2010-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-11-12T09:36:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0882"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: mm: keep a guard page below a grow-down stack segment"
},
{
"acknowledgments": [
{
"names": [
"Ben Hawkes"
]
}
],
"cve": "CVE-2010-3081",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2010-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "634457"
}
],
"notes": [
{
"category": "description",
"text": "The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a \"stack pointer underflow\" issue, as exploited in the wild in September 2010.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: 64-bit Compatibility Mode Stack Pointer Underflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "More information can be found in this kbase: https://access.redhat.com/kb/docs/DOC-40265.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3081"
},
{
"category": "external",
"summary": "RHBZ#634457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=634457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3081",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3081"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3081",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3081"
}
],
"release_date": "2010-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-11-12T09:36:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0882"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"3AS-ELS:kernel-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-0:2.4.21-66.EL.src",
"3AS-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3AS-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3AS-ELS:kernel-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-0:2.4.21-66.EL.src",
"3ES-ELS:kernel-BOOT-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-debuginfo-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-doc-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-hugemem-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-hugemem-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-smp-unsupported-0:2.4.21-66.EL.i686",
"3ES-ELS:kernel-source-0:2.4.21-66.EL.i386",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.athlon",
"3ES-ELS:kernel-unsupported-0:2.4.21-66.EL.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: 64-bit Compatibility Mode Stack Pointer Underflow"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.