rhsa-2010_0958
Vulnerability from csaf_redhat
Published
2010-12-08 19:07
Modified
2024-09-13 06:01
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
Updated kernel-rt packages that fix multiple security issues and three bugs
are now available for Red Hat Enterprise MRG 1.3.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.
Security fixes:
* Missing sanity checks in the Intel i915 driver in the Linux kernel could
allow a local, unprivileged user to escalate their privileges.
(CVE-2010-2962, Important)
* A flaw in sctp_packet_config() in the Linux kernel's Stream Control
Transmission Protocol (SCTP) implementation could allow a remote attacker
to cause a denial of service. (CVE-2010-3432, Important)
* A missing integer overflow check in snd_ctl_new() in the Linux kernel's
sound subsystem could allow a local, unprivileged user on a 32-bit system
to cause a denial of service or escalate their privileges. (CVE-2010-3442,
Important)
* A flaw in sctp_auth_asoc_get_hmac() in the Linux kernel's SCTP
implementation. When iterating through the hmac_ids array, it did not reset
the last id element if it was out of range. This could allow a remote
attacker to cause a denial of service. (CVE-2010-3705, Important)
* Missing sanity checks in setup_arg_pages() in the Linux kernel. When
making the size of the argument and environment area on the stack very
large, it could trigger a BUG_ON(), resulting in a local denial of service.
(CVE-2010-3858, Moderate)
* A flaw in ethtool_get_rxnfc() in the Linux kernel's ethtool IOCTL
handler. When it is called with a large info.rule_cnt, it could allow a
local user to cause an information leak. (CVE-2010-3861, Moderate)
* A flaw in bcm_connect() in the Linux kernel's Controller Area Network
(CAN) Broadcast Manager. On 64-bit systems, writing the socket address may
overflow the procname character array. (CVE-2010-3874, Moderate)
* A flaw in inet_csk_diag_dump() in the Linux kernel's module for
monitoring the sockets of INET transport protocols. By sending a netlink
message with certain bytecode, a local, unprivileged user could cause a
denial of service. (CVE-2010-3880, Moderate)
* Missing sanity checks in gdth_ioctl_alloc() in the gdth driver in the
Linux kernel, could allow a local user with access to "/dev/gdth" on a
64-bit system to cause a denial of service or escalate their privileges.
(CVE-2010-4157, Moderate)
* A use-after-free flaw in the mprotect() system call could allow a local,
unprivileged user to cause a local denial of service. (CVE-2010-4169,
Moderate)
* Missing initialization flaws in the Linux kernel could lead to
information leaks. (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073,
CVE-2010-4074, CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080,
CVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low)
Red Hat would like to thank Kees Cook for reporting CVE-2010-2962,
CVE-2010-3861, and CVE-2010-4072; Dan Rosenberg for reporting
CVE-2010-3442, CVE-2010-3705, CVE-2010-3874, CVE-2010-4073, CVE-2010-4074,
CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4082,
CVE-2010-4083, and CVE-2010-4158; Brad Spengler for reporting
CVE-2010-3858; Nelson Elhage for reporting CVE-2010-3880; and Vasiliy
Kulikov for reporting CVE-2010-3876.
Bug fixes:
* A vulnerability in the 32-bit compatibility code for the VIDIOCSMICROCODE
IOCTL in the Video4Linux implementation. It does not affect Red Hat
Enterprise MRG, but as a preventive measure, this update removes the code.
Red Hat would like to thank Kees Cook for reporting this vulnerability.
(BZ#642469)
* The kernel-rt spec file was missing the crypto, drm, generated, and trace
header directories when generating the kernel-rt-devel package, resulting
in out-of-tree modules failing to build. (BZ#608784)
* On computers without a supported Performance Monitoring Unit, a crash
would occur when running the "perf top" command, and occasionally other
perf commands. perf software events are now marked as IRQ safe to avoid
this crash. (BZ#647434)
Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kernel-rt packages that fix multiple security issues and three bugs\nare now available for Red Hat Enterprise MRG 1.3.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes:\n\n* Missing sanity checks in the Intel i915 driver in the Linux kernel could\nallow a local, unprivileged user to escalate their privileges.\n(CVE-2010-2962, Important)\n\n* A flaw in sctp_packet_config() in the Linux kernel\u0027s Stream Control\nTransmission Protocol (SCTP) implementation could allow a remote attacker\nto cause a denial of service. (CVE-2010-3432, Important)\n\n* A missing integer overflow check in snd_ctl_new() in the Linux kernel\u0027s\nsound subsystem could allow a local, unprivileged user on a 32-bit system\nto cause a denial of service or escalate their privileges. (CVE-2010-3442,\nImportant)\n\n* A flaw in sctp_auth_asoc_get_hmac() in the Linux kernel\u0027s SCTP\nimplementation. When iterating through the hmac_ids array, it did not reset\nthe last id element if it was out of range. This could allow a remote\nattacker to cause a denial of service. (CVE-2010-3705, Important)\n\n* Missing sanity checks in setup_arg_pages() in the Linux kernel. When\nmaking the size of the argument and environment area on the stack very\nlarge, it could trigger a BUG_ON(), resulting in a local denial of service.\n(CVE-2010-3858, Moderate)\n\n* A flaw in ethtool_get_rxnfc() in the Linux kernel\u0027s ethtool IOCTL\nhandler. When it is called with a large info.rule_cnt, it could allow a\nlocal user to cause an information leak. (CVE-2010-3861, Moderate)\n\n* A flaw in bcm_connect() in the Linux kernel\u0027s Controller Area Network\n(CAN) Broadcast Manager. On 64-bit systems, writing the socket address may\noverflow the procname character array. (CVE-2010-3874, Moderate)\n\n* A flaw in inet_csk_diag_dump() in the Linux kernel\u0027s module for\nmonitoring the sockets of INET transport protocols. By sending a netlink\nmessage with certain bytecode, a local, unprivileged user could cause a\ndenial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks in gdth_ioctl_alloc() in the gdth driver in the\nLinux kernel, could allow a local user with access to \"/dev/gdth\" on a\n64-bit system to cause a denial of service or escalate their privileges.\n(CVE-2010-4157, Moderate)\n\n* A use-after-free flaw in the mprotect() system call could allow a local,\nunprivileged user to cause a local denial of service. (CVE-2010-4169,\nModerate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073,\nCVE-2010-4074, CVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080,\nCVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low)\n\nRed Hat would like to thank Kees Cook for reporting CVE-2010-2962,\nCVE-2010-3861, and CVE-2010-4072; Dan Rosenberg for reporting\nCVE-2010-3442, CVE-2010-3705, CVE-2010-3874, CVE-2010-4073, CVE-2010-4074,\nCVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4082,\nCVE-2010-4083, and CVE-2010-4158; Brad Spengler for reporting\nCVE-2010-3858; Nelson Elhage for reporting CVE-2010-3880; and Vasiliy\nKulikov for reporting CVE-2010-3876.\n\nBug fixes:\n\n* A vulnerability in the 32-bit compatibility code for the VIDIOCSMICROCODE\nIOCTL in the Video4Linux implementation. It does not affect Red Hat\nEnterprise MRG, but as a preventive measure, this update removes the code.\nRed Hat would like to thank Kees Cook for reporting this vulnerability.\n(BZ#642469)\n\n* The kernel-rt spec file was missing the crypto, drm, generated, and trace\nheader directories when generating the kernel-rt-devel package, resulting\nin out-of-tree modules failing to build. (BZ#608784)\n\n* On computers without a supported Performance Monitoring Unit, a crash\nwould occur when running the \"perf top\" command, and occasionally other\nperf commands. perf software events are now marked as IRQ safe to avoid\nthis crash. (BZ#647434)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2010:0958",
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "608784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=608784"
},
{
"category": "external",
"summary": "637675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=637675"
},
{
"category": "external",
"summary": "637688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=637688"
},
{
"category": "external",
"summary": "638478",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638478"
},
{
"category": "external",
"summary": "640036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=640036"
},
{
"category": "external",
"summary": "642469",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=642469"
},
{
"category": "external",
"summary": "645222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645222"
},
{
"category": "external",
"summary": "646725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=646725"
},
{
"category": "external",
"summary": "647434",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647434"
},
{
"category": "external",
"summary": "648656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648656"
},
{
"category": "external",
"summary": "648658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648658"
},
{
"category": "external",
"summary": "648659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648659"
},
{
"category": "external",
"summary": "648660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648660"
},
{
"category": "external",
"summary": "648663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648663"
},
{
"category": "external",
"summary": "648666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648666"
},
{
"category": "external",
"summary": "648669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648669"
},
{
"category": "external",
"summary": "648671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648671"
},
{
"category": "external",
"summary": "648673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648673"
},
{
"category": "external",
"summary": "649695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=649695"
},
{
"category": "external",
"summary": "649715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=649715"
},
{
"category": "external",
"summary": "651147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651147"
},
{
"category": "external",
"summary": "651264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651264"
},
{
"category": "external",
"summary": "651671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651671"
},
{
"category": "external",
"summary": "651698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651698"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2010/rhsa-2010_0958.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2024-09-13T06:01:59+00:00",
"generator": {
"date": "2024-09-13T06:01:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2010:0958",
"initial_release_date": "2010-12-08T19:07:00+00:00",
"revision_history": [
{
"date": "2010-12-08T19:07:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-12-08T14:08:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T06:01:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "MRG Realtime for RHEL 5 Server",
"product": {
"name": "MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:1::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise MRG for RHEL-5"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "perf-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "perf-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "perf-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product": {
"name": "kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product_id": "kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.33.7-rt29.47.el5rt?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product": {
"name": "kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_id": "kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.33.7-rt29.47.el5rt?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"product": {
"name": "kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"product_id": "kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@2.6.33.7-rt29.47.el5rt?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"product": {
"name": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"product_id": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.33.7-rt29.47.el5rt?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.src as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src"
},
"product_reference": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch"
},
"product_reference": "kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "perf-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686"
},
"product_reference": "perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
},
"product_reference": "perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Kees Cook"
]
}
],
"cve": "CVE-2010-2962",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2010-09-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "637688"
}
],
"notes": [
{
"category": "description",
"text": "drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: arbitrary kernel memory write via i915 GEM ioctl",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5, and Red Hat Enterprise MRG did not include support for Graphics Execution Manager (GEM) in the i915 driver, and therefore are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-2962"
},
{
"category": "external",
"summary": "RHBZ#637688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=637688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-2962",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2962"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-2962",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2962"
}
],
"release_date": "2010-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: arbitrary kernel memory write via i915 GEM ioctl"
},
{
"cve": "CVE-2010-3432",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2010-09-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "637675"
}
],
"notes": [
{
"category": "description",
"text": "The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP traffic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp: do not reset the packet during sctp_packet_config",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 3 as it did not include support for SCTP. This was addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2010-0958.html and https://rhn.redhat.com/errata/RHSA-2010-0842.html. Future updates in Red Hat Enterprise Linux 4 and 5 may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3432"
},
{
"category": "external",
"summary": "RHBZ#637675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=637675"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3432",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3432"
}
],
"release_date": "2010-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
},
{
"category": "workaround",
"details": "For users that do not run applications that use SCTP, you can prevent the sctp module from being loaded by adding the following entry to the end of the /etc/modprobe.d/blacklist file:\n\nblacklist sctp\n\nThis way, the sctp module cannot be loaded accidentally, which may occur if an application that requires SCTP is started. A reboot is not necessary for this change to take effect.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: sctp: do not reset the packet during sctp_packet_config"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-3442",
"discovery_date": "2010-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "638478"
}
],
"notes": [
{
"category": "description",
"text": "Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: prevent heap corruption in snd_ctl_new()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3442"
},
{
"category": "external",
"summary": "RHBZ#638478",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=638478"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3442",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3442"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3442",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3442"
}
],
"release_date": "2010-09-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: prevent heap corruption in snd_ctl_new()"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-3705",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2010-10-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "640036"
}
],
"notes": [
{
"category": "description",
"text": "The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sctp memory corruption in HMAC handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of this issue and is tracking it via the following bug:\nhttps://bugzilla.redhat.com/CVE-2010-3705.\n\nThis issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 3 as it did not include support for SCTP. It did not affect Red Hat Enterprise Linux 4 and 5 as it did not include upstream commit 1f485649 that introduced the problem. Future kernel updates in Red Hat Enterprise MRG may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3705"
},
{
"category": "external",
"summary": "RHBZ#640036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=640036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3705"
}
],
"release_date": "2010-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: sctp memory corruption in HMAC handling"
},
{
"acknowledgments": [
{
"names": [
"Brad Spengler"
]
}
],
"cve": "CVE-2010-3858",
"discovery_date": "2010-08-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "645222"
}
],
"notes": [
{
"category": "description",
"text": "The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: setup_arg_pages: diagnose excessive argument size",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat\nEnterprise Linux 4 as they did not backport the upstream commit b6a2fea3 that introduced the issue. This was addressed in Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0004.html and \nhttps://rhn.redhat.com/errata/RHSA-2010-0958.html. Future kernel updates in Red Hat Enterprise Linux 6 may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3858"
},
{
"category": "external",
"summary": "RHBZ#645222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=645222"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3858",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3858"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3858",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3858"
}
],
"release_date": "2010-08-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: setup_arg_pages: diagnose excessive argument size"
},
{
"acknowledgments": [
{
"names": [
"Kees Cook"
]
}
],
"cve": "CVE-2010-3861",
"discovery_date": "2010-10-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "646725"
}
],
"notes": [
{
"category": "description",
"text": "The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value, a different vulnerability than CVE-2010-2478.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: heap contents leak from ETHTOOL_GRXCLSRLALL",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat\nEnterprise Linux 3 and 4, as they do not include support for the Neptune\nEthernet driver. It did not affect Red Hat Enterprise Linux 5 as it did not contain the upstream commit 0853ad66 that introduced this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3861"
},
{
"category": "external",
"summary": "RHBZ#646725",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=646725"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3861",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3861"
}
],
"release_date": "2010-10-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: heap contents leak from ETHTOOL_GRXCLSRLALL"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-3874",
"discovery_date": "2010-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "649695"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service (memory corruption) via a connect operation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: CAN minor heap overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and 5 did not include CAN bus subsystem support, and therefore are not affected by this issue. Future kernel updates in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3874"
},
{
"category": "external",
"summary": "RHBZ#649695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=649695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3874",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3874"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3874",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3874"
}
],
"release_date": "2010-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: CAN minor heap overflow"
},
{
"acknowledgments": [
{
"names": [
"Vasiliy Kulikov"
],
"organization": "Openwall"
}
],
"cve": "CVE-2010-3876",
"discovery_date": "2010-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "649715"
}
],
"notes": [
{
"category": "description",
"text": "net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/packet/af_packet.c: reading uninitialized stack memory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is not planned to be fixed in Red Hat Enterprise Linux 3, due to\nthis product being in Extended Life Cycle Phase of its maintenance life-cycle,\nwhere only qualified security errata of critical impact are addressed.\n\nFor further information about the Errata Support Policy, visit:\nhttp://www.redhat.com/security/updates/errata",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3876"
},
{
"category": "external",
"summary": "RHBZ#649715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=649715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3876",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3876"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3876",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3876"
}
],
"release_date": "2010-10-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: net/packet/af_packet.c: reading uninitialized stack memory"
},
{
"acknowledgments": [
{
"names": [
"Nelson Elhage"
]
}
],
"cve": "CVE-2010-3880",
"discovery_date": "2010-11-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "651264"
}
],
"notes": [
{
"category": "description",
"text": "net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: logic error in INET_DIAG bytecode auditing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not include support for monitoring of INET transport protocol sockets. Future updates in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-3880"
},
{
"category": "external",
"summary": "RHBZ#651264",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651264"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-3880",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3880"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-3880",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3880"
}
],
"release_date": "2010-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: logic error in INET_DIAG bytecode auditing"
},
{
"acknowledgments": [
{
"names": [
"Vasiliy Kulikov"
],
"organization": "Openwall"
},
{
"names": [
"Kees Cook"
]
}
],
"cve": "CVE-2010-4072",
"discovery_date": "2010-10-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "648656"
}
],
"notes": [
{
"category": "description",
"text": "The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the \"old shm interface.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ipc/shm.c: reading uninitialized stack memory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is not planned to be fixed in Red Hat Enterprise Linux 3, due to this product being in Extended Life Cycle Phase of its maintenance life-cycle, where only qualified security errata of critical impact are addressed.\n \nFor further information about the Errata Support Policy, visit:\nhttp://www.redhat.com/security/updates/errata",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4072"
},
{
"category": "external",
"summary": "RHBZ#648656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648656"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4072",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4072"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4072",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4072"
}
],
"release_date": "2010-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: ipc/shm.c: reading uninitialized stack memory"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-4073",
"discovery_date": "2010-10-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "648658"
}
],
"notes": [
{
"category": "description",
"text": "The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ipc/compat*.c: reading uninitialized stack memory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the version of Linux kernel as shipped with Red Hat\nEnterprise Linux 3 as it did not include IPC compat functionality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4073"
},
{
"category": "external",
"summary": "RHBZ#648658",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648658"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4073",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4073"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4073",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4073"
}
],
"release_date": "2010-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: ipc/compat*.c: reading uninitialized stack memory"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-4074",
"discovery_date": "2010-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "648659"
}
],
"notes": [
{
"category": "description",
"text": "The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drivers/usb/serial/mos*.c: reading uninitialized stack memory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat\nEnterprise Linux 3, 4, and 5 as they did not include support for Moschip USB\nserial port adapters.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4074"
},
{
"category": "external",
"summary": "RHBZ#648659",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648659"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4074"
}
],
"release_date": "2010-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: drivers/usb/serial/mos*.c: reading uninitialized stack memory"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-4075",
"discovery_date": "2010-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "648660"
}
],
"notes": [
{
"category": "description",
"text": "The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drivers/serial/serial_core.c: reading uninitialized stack memory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the version of Linux kernel as shipped with Red Hat\nEnterprise Linux 3 as it did not include the affected functionality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4075"
},
{
"category": "external",
"summary": "RHBZ#648660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4075",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4075"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4075",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4075"
}
],
"release_date": "2010-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: drivers/serial/serial_core.c: reading uninitialized stack memory"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-4077",
"discovery_date": "2010-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "648663"
}
],
"notes": [
{
"category": "description",
"text": "The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drivers/char/nozomi.c: reading uninitialized stack memory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat\nEnterprise Linux 3, 4, and 5 as they did not include support for GlobeTrotter\nHSPDA PCMCIA card.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4077"
},
{
"category": "external",
"summary": "RHBZ#648663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648663"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4077",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4077"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4077",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4077"
}
],
"release_date": "2010-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: drivers/char/nozomi.c: reading uninitialized stack memory"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-4079",
"discovery_date": "2010-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "648666"
}
],
"notes": [
{
"category": "description",
"text": "The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drivers/video/ivtv/ivtvfb.c: reading uninitialized stack memory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat\nEnterprise Linux 3, 4, and 5 as they did not include support for the Conexant\u0027s\nCX23415/CX23416 codec chip.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4079"
},
{
"category": "external",
"summary": "RHBZ#648666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648666"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4079",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4079"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4079",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4079"
}
],
"release_date": "2010-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: drivers/video/ivtv/ivtvfb.c: reading uninitialized stack memory"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-4080",
"discovery_date": "2010-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "648669"
}
],
"notes": [
{
"category": "description",
"text": "The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 3 as it did not include support for RME Hammerfall DSP Audio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4080"
},
{
"category": "external",
"summary": "RHBZ#648669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648669"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4080",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4080"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4080",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4080"
}
],
"release_date": "2010-09-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: drivers/sound/pci/rme9652/hdsp.c: reading uninitialized stack memory"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-4082",
"discovery_date": "2010-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "648671"
}
],
"notes": [
{
"category": "description",
"text": "The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drivers/video/via/ioctl.c: reading uninitialized stack memory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, and 5 as they did not include support for VIA UniChrome (Pro) and Chrome9 graphics boards.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4082"
},
{
"category": "external",
"summary": "RHBZ#648671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648671"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4082",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4082"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4082",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4082"
}
],
"release_date": "2010-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: drivers/video/via/ioctl.c: reading uninitialized stack memory"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-4083",
"discovery_date": "2010-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "648673"
}
],
"notes": [
{
"category": "description",
"text": "The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC_STAT, or (4) SEM_STAT command in a semctl system call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ipc/sem.c: reading uninitialized stack memory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is not planned to be fixed in Red Hat Enterprise Linux 3,\ndue to this product being in Extended Life Cycle Phase of its\nmaintenance life-cycle, where only qualified security errata of critical\nimpact are addressed.\n\nFor further information about the Errata Support Policy, visit:\nhttp://www.redhat.com/security/updates/errata",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4083"
},
{
"category": "external",
"summary": "RHBZ#648673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=648673"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4083"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4083",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4083"
}
],
"release_date": "2010-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: ipc/sem.c: reading uninitialized stack memory"
},
{
"cve": "CVE-2010-4157",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2010-11-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "651147"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: gdth: integer overflow in ioc_general()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Linux kernel as shipped with Red Hat Enterprise Linux 3 did not include the vulnerable code, and therefore is not affected by this issue. Future kernel updates in Red Hat Enterprise Linux 4, 5 and Red Hat Enterprise MRG may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4157"
},
{
"category": "external",
"summary": "RHBZ#651147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651147"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4157",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4157"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4157",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4157"
}
],
"release_date": "2010-11-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: gdth: integer overflow in ioc_general()"
},
{
"acknowledgments": [
{
"names": [
"Dan Rosenberg"
]
}
],
"cve": "CVE-2010-4158",
"discovery_date": "2010-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "651698"
}
],
"notes": [
{
"category": "description",
"text": "The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: socket filters infoleak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4158"
},
{
"category": "external",
"summary": "RHBZ#651698",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651698"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4158",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4158"
}
],
"release_date": "2010-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: socket filters infoleak"
},
{
"cve": "CVE-2010-4169",
"discovery_date": "2010-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "651671"
}
],
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: perf bug",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and 5 did not backport the upstream commit dab5855 that introduced the issue. Future kernel updates in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2010-4169"
},
{
"category": "external",
"summary": "RHBZ#651671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=651671"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2010-4169",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-4169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4169"
}
],
"release_date": "2010-11-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2010:0958"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.7-rt29.47.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-0:2.6.33.7-rt29.47.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.i686",
"5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.7-rt29.47.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: perf bug"
}
]
}
Loading...