rhsa-2011_0500
Vulnerability from csaf_redhat
Published
2011-05-10 17:16
Modified
2024-11-22 05:35
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
Updated kernel-rt packages that fix multiple security issues and various
bugs are now available for Red Hat Enterprise MRG 1.3.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
* A race condition in the way the Linux kernel's InfiniBand implementation
set up new connections could allow a remote user to cause a denial of
service. (CVE-2011-0695, Important)
* An integer signedness flaw in drm_modeset_ctl() could allow a local,
unprivileged user to cause a denial of service or escalate their
privileges. (CVE-2011-1013, Important)
* A flaw in dccp_rcv_state_process() could allow a remote attacker to cause
a denial of service, even when the socket was already closed.
(CVE-2011-1093, Important)
* A missing validation of a null-terminated string data structure element
in bnep_sock_ioctl() could allow a local user to cause an information leak
or a denial of service. (CVE-2011-1079, Moderate)
* A flaw in the Linux kernel's Event Poll (epoll) implementation could
allow a local, unprivileged user to cause a denial of service.
(CVE-2011-1082, Moderate)
* A missing initialization flaw in the XFS file system implementation could
lead to an information leak. (CVE-2011-0711, Low)
* The start_code and end_code values in "/proc/[pid]/stat" were not
protected. In certain scenarios, this flaw could be used to defeat Address
Space Layout Randomization (ASLR). (CVE-2011-0726, Low)
* A missing validation check in the Linux kernel's mac_partition()
implementation, used for supporting file systems created on Mac OS
operating systems, could allow a local attacker to cause a denial of
service by mounting a disk that contains specially-crafted partitions.
(CVE-2011-1010, Low)
* A flaw in dev_load() could allow a local user who has the CAP_NET_ADMIN
capability to load arbitrary modules from "/lib/modules/", instead of only
netdev modules. (CVE-2011-1019, Low)
* A missing initialization flaw in sco_sock_getsockopt_old() could allow a
local, unprivileged user to cause an information leak. (CVE-2011-1078, Low)
* A buffer overflow flaw in the DEC Alpha OSF partition implementation in
the Linux kernel could allow a local attacker to cause an information leak
by mounting a disk that contains specially-crafted partition tables.
(CVE-2011-1163, Low)
* Missing validations of null-terminated string data structure elements
in the do_replace(), compat_do_replace(), do_ipt_get_ctl(),
do_ip6t_get_ctl(), and do_arpt_get_ctl() functions could allow a local user
who has the CAP_NET_ADMIN capability to cause an information leak.
(CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1080, Low)
Red Hat would like to thank Jens Kuehnel for reporting CVE-2011-0695;
Vasiliy Kulikov for reporting CVE-2011-1079, CVE-2011-1019, CVE-2011-1078,
CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, and CVE-2011-1080; Nelson
Elhage for reporting CVE-2011-1082; Dan Rosenberg for reporting
CVE-2011-0711; Kees Cook for reporting CVE-2011-0726; and Timo Warns for
reporting CVE-2011-1010 and CVE-2011-1163.
This update also fixes various bugs. Documentation for these bug fixes will
be available shortly from the Technical Notes document linked to in the
References section.
Users should upgrade to these updated packages, which upgrade the kernel-rt
kernel to version 2.6.33.9-rt31, and correct these issues. The system must
be rebooted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated kernel-rt packages that fix multiple security issues and various\nbugs are now available for Red Hat Enterprise MRG 1.3.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A race condition in the way the Linux kernel\u0027s InfiniBand implementation\nset up new connections could allow a remote user to cause a denial of\nservice. (CVE-2011-0695, Important)\n\n* An integer signedness flaw in drm_modeset_ctl() could allow a local,\nunprivileged user to cause a denial of service or escalate their\nprivileges. (CVE-2011-1013, Important)\n\n* A flaw in dccp_rcv_state_process() could allow a remote attacker to cause\na denial of service, even when the socket was already closed.\n(CVE-2011-1093, Important)\n\n* A missing validation of a null-terminated string data structure element\nin bnep_sock_ioctl() could allow a local user to cause an information leak\nor a denial of service. (CVE-2011-1079, Moderate)\n\n* A flaw in the Linux kernel\u0027s Event Poll (epoll) implementation could\nallow a local, unprivileged user to cause a denial of service.\n(CVE-2011-1082, Moderate)\n\n* A missing initialization flaw in the XFS file system implementation could\nlead to an information leak. (CVE-2011-0711, Low)\n\n* The start_code and end_code values in \"/proc/[pid]/stat\" were not\nprotected. In certain scenarios, this flaw could be used to defeat Address\nSpace Layout Randomization (ASLR). (CVE-2011-0726, Low)\n\n* A missing validation check in the Linux kernel\u0027s mac_partition()\nimplementation, used for supporting file systems created on Mac OS\noperating systems, could allow a local attacker to cause a denial of\nservice by mounting a disk that contains specially-crafted partitions.\n(CVE-2011-1010, Low)\n\n* A flaw in dev_load() could allow a local user who has the CAP_NET_ADMIN\ncapability to load arbitrary modules from \"/lib/modules/\", instead of only\nnetdev modules. (CVE-2011-1019, Low)\n\n* A missing initialization flaw in sco_sock_getsockopt_old() could allow a\nlocal, unprivileged user to cause an information leak. (CVE-2011-1078, Low)\n\n* A buffer overflow flaw in the DEC Alpha OSF partition implementation in\nthe Linux kernel could allow a local attacker to cause an information leak\nby mounting a disk that contains specially-crafted partition tables.\n(CVE-2011-1163, Low)\n\n* Missing validations of null-terminated string data structure elements\nin the do_replace(), compat_do_replace(), do_ipt_get_ctl(),\ndo_ip6t_get_ctl(), and do_arpt_get_ctl() functions could allow a local user\nwho has the CAP_NET_ADMIN capability to cause an information leak.\n(CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1080, Low)\n\nRed Hat would like to thank Jens Kuehnel for reporting CVE-2011-0695;\nVasiliy Kulikov for reporting CVE-2011-1079, CVE-2011-1019, CVE-2011-1078,\nCVE-2011-1170, CVE-2011-1171, CVE-2011-1172, and CVE-2011-1080; Nelson\nElhage for reporting CVE-2011-1082; Dan Rosenberg for reporting\nCVE-2011-0711; Kees Cook for reporting CVE-2011-0726; and Timo Warns for\nreporting CVE-2011-1010 and CVE-2011-1163.\n\nThis update also fixes various bugs. Documentation for these bug fixes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which upgrade the kernel-rt\nkernel to version 2.6.33.9-rt31, and correct these issues. The system must\nbe rebooted for this update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2011:0500", "url": "https://access.redhat.com/errata/RHSA-2011:0500" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/1.3/html/Technical_Notes/RHSA-2011-0500.html", "url": "http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/1.3/html/Technical_Notes/RHSA-2011-0500.html" }, { "category": "external", "summary": "653648", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=653648" }, { "category": "external", "summary": "677260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=677260" }, { "category": "external", "summary": "679282", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=679282" }, { "category": "external", "summary": "679925", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=679925" }, { "category": "external", "summary": "680360", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680360" }, { "category": "external", "summary": "681259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=681259" }, { "category": "external", "summary": "681260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=681260" }, { "category": "external", "summary": "681262", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=681262" }, { "category": "external", "summary": "681575", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=681575" }, { "category": "external", "summary": "682954", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=682954" }, { "category": "external", "summary": "684569", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=684569" }, { "category": "external", "summary": "688021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688021" }, { "category": "external", "summary": "689321", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=689321" }, { "category": "external", "summary": "689327", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=689327" }, { "category": "external", "summary": "689345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=689345" }, { "category": "external", "summary": "692665", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692665" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0500.json" } ], "title": "Red Hat Security Advisory: kernel-rt security and bug fix update", "tracking": { "current_release_date": "2024-11-22T05:35:48+00:00", "generator": { "date": "2024-11-22T05:35:48+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2011:0500", "initial_release_date": "2011-05-10T17:16:00+00:00", "revision_history": [ { "date": "2011-05-10T17:16:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2011-05-10T13:18:23+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T05:35:48+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "MRG Realtime for RHEL 5 Server", "product": { "name": "MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_mrg:1::el5" } } } ], "category": "product_family", "name": "Red Hat Enterprise MRG for RHEL-5" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "perf-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "perf-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "perf-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@2.6.33.9-rt31.64.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "product": { "name": "kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "product_id": "kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.33.9-rt31.64.el5rt?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "product": { "name": "kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_id": "kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.33.9-rt31.64.el5rt?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "product": { "name": "kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "product_id": "kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-doc@2.6.33.9-rt31.64.el5rt?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "product": { "name": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "product_id": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@2.6.33.9-rt31.64.el5rt?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.src as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src" }, "product_reference": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch" }, "product_reference": "kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "perf-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686" }, "product_reference": "perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" }, "product_reference": "perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Jens Kuehnel" ] } ], "cve": "CVE-2011-0695", "discovery_date": "2011-02-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "653648" } ], "notes": [ { "category": "description", "text": "Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending an InfiniBand request while other request handlers are still running, which triggers an invalid pointer dereference.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: panic in ib_cm:cm_work_handler", "title": "Vulnerability summary" }, { "category": "other", "text": "This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0927.html, https://rhn.redhat.com/errata/RHSA-2011-0421.html, and https://rhn.redhat.com/errata/RHSA-2011-0500.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0695" }, { "category": "external", "summary": "RHBZ#653648", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=653648" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0695", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0695" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0695", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0695" } ], "release_date": "2010-11-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: panic in ib_cm:cm_work_handler" }, { "acknowledgments": [ { "names": [ "Dan Rosenberg" ] } ], "cve": "CVE-2011-0711", "discovery_date": "2011-02-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "677260" } ], "notes": [ { "category": "description", "text": "The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FSGEOMETRY_V1 ioctl call.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not have support for the XFS file system. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise\nMRG via https://rhn.redhat.com/errata/RHSA-2011-0927.html, https://rhn.redhat.com/errata/RHSA-2011-0498.html, and https://rhn.redhat.com/errata/RHSA-2011-0500.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0711" }, { "category": "external", "summary": "RHBZ#677260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=677260" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0711", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0711" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0711", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0711" } ], "release_date": "2011-02-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1" }, { "acknowledgments": [ { "names": [ "Kees Cook" ] } ], "cve": "CVE-2011-0726", "discovery_date": "2011-03-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "684569" } ], "notes": [ { "category": "description", "text": "The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing a PIE binary.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: proc: protect mm start_code/end_code in /proc/pid/stat", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle,\nhttps://access.redhat.com/support/policy/updates/errata/, therefore the fix for\nthis issue is not currently planned to be included in the future updates. Future kernel updates in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-0726" }, { "category": "external", "summary": "RHBZ#684569", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=684569" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-0726", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0726" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-0726", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-0726" } ], "release_date": "2011-03-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: proc: protect mm start_code/end_code in /proc/pid/stat" }, { "acknowledgments": [ { "names": [ "Timo Warns" ] } ], "cve": "CVE-2011-1010", "discovery_date": "2011-02-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "679282" } ], "notes": [ { "category": "description", "text": "Buffer overflow in the mac_partition function in fs/partitions/mac.c in the Linux kernel before 2.6.37.2 allows local users to cause a denial of service (panic) or possibly have unspecified other impact via a malformed Mac OS partition table.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: fs/partitions: Validate map_count in Mac partition tables", "title": "Vulnerability summary" }, { "category": "other", "text": "This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0429.html, https://rhn.redhat.com/errata/RHSA-2011-0542.html and https://rhn.redhat.com/errata/RHSA-2011-0500.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1010" }, { "category": "external", "summary": "RHBZ#679282", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=679282" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1010", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1010" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1010", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1010" } ], "release_date": "2011-02-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: fs/partitions: Validate map_count in Mac partition tables" }, { "cve": "CVE-2011-1013", "discovery_date": "2011-02-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "679925" } ], "notes": [ { "category": "description", "text": "Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a crafted num_crtcs (aka vb_num) structure member in an ioctl argument.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm_modeset_ctl signedness issue", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of the Linux kernel as shipped with Red\nHat Enterprise Linux 4, 5 as they did not include the affected functionality. A future update in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1013" }, { "category": "external", "summary": "RHBZ#679925", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=679925" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1013", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1013" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1013", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1013" } ], "release_date": "2011-02-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: drm_modeset_ctl signedness issue" }, { "acknowledgments": [ { "names": [ "Vasiliy Kulikov" ], "organization": "Openwall" } ], "cve": "CVE-2011-1019", "discovery_date": "2011-02-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "680360" } ], "notes": [ { "category": "description", "text": "The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport the upstream commit a8f80e8f that introduced this flaw. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0498.html and https://rhn.redhat.com/errata/RHSA-2011-0500.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1019" }, { "category": "external", "summary": "RHBZ#680360", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680360" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1019", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1019" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1019", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1019" } ], "release_date": "2011-02-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 1.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: CAP_SYS_MODULE bypass via CAP_NET_ADMIN" }, { "acknowledgments": [ { "names": [ "Vasiliy Kulikov" ], "organization": "Openwall" } ], "cve": "CVE-2011-1078", "discovery_date": "2011-02-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "681259" } ], "notes": [ { "category": "description", "text": "The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: bt sco_conninfo infoleak", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1078" }, { "category": "external", "summary": "RHBZ#681259", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=681259" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1078", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1078" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1078", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1078" } ], "release_date": "2011-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: bt sco_conninfo infoleak" }, { "acknowledgments": [ { "names": [ "Vasiliy Kulikov" ], "organization": "Openwall" } ], "cve": "CVE-2011-1079", "discovery_date": "2011-02-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "681260" } ], "notes": [ { "category": "description", "text": "The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a \u0027\\0\u0027 character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and system crash), via a BNEPCONNADD command.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: bnep device field missing NULL terminator", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1079" }, { "category": "external", "summary": "RHBZ#681260", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=681260" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1079", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1079" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1079", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1079" } ], "release_date": "2011-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: bnep device field missing NULL terminator" }, { "acknowledgments": [ { "names": [ "Vasiliy Kulikov" ], "organization": "Openwall" } ], "cve": "CVE-2011-1080", "discovery_date": "2011-02-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "681262" } ], "notes": [ { "category": "description", "text": "The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a \u0027\\0\u0027 character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ebtables stack infoleak", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1080" }, { "category": "external", "summary": "RHBZ#681262", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=681262" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1080", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1080" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1080", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1080" } ], "release_date": "2011-02-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 1.7, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: ebtables stack infoleak" }, { "acknowledgments": [ { "names": [ "Nelson Elhage" ] } ], "cve": "CVE-2011-1082", "discovery_date": "2011-03-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "681575" } ], "notes": [ { "category": "description", "text": "fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: potential kernel deadlock when creating circular epoll file structures", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5. This was addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0542.html and https://rhn.redhat.com/errata/RHSA-2011-0500.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1082" }, { "category": "external", "summary": "RHBZ#681575", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=681575" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1082", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1082" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1082", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1082" } ], "release_date": "2011-02-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: potential kernel deadlock when creating circular epoll file structures" }, { "cve": "CVE-2011-1093", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2011-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "682954" } ], "notes": [ { "category": "description", "text": "The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: dccp: fix oops on Reset after close", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not include support for the DCCP protocol. Future updates in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1093" }, { "category": "external", "summary": "RHBZ#682954", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=682954" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1093", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1093" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1093", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1093" } ], "release_date": "2011-03-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" }, { "category": "workaround", "details": "For users that do not run applications that use DCCP, you can prevent the dccp\nmodule from being loaded by adding the following entry to the end of the\n/etc/modprobe.d/blacklist file:\n\nblacklist dccp\n\nThis way, the dccp module cannot be loaded accidentally, which may occur if an\napplication that requires DCCP is started. A reboot is not necessary for this\nchange to take effect but do make sure the module is not loaded in the first\nplace. You can verify that by running:\n\nlsmod | grep dccp\n\nYou may also consider removing the CAP_SYS_MODULE capability from the current\nglobal capability set to prevent kernel modules from being loaded or unloaded.\nThe CAP_SYS_MODULE has a capability number of 16 (see linux/capability.h). The\ndefault value has all the bits set. To remove this capability, you have to\nclear the 16th bit of the default 32-bit value, e.g. 0xffffff ^ (1 \u003c\u003c 16):\n\necho 0xFFFEFFFF \u003e /proc/sys/kernel/cap-bound", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: dccp: fix oops on Reset after close" }, { "acknowledgments": [ { "names": [ "Timo Warns" ] } ], "cve": "CVE-2011-1163", "discovery_date": "2011-03-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "688021" } ], "notes": [ { "category": "description", "text": "The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: fs/partitions: Corrupted OSF partition table infoleak", "title": "Vulnerability summary" }, { "category": "other", "text": "This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0833.html, https://rhn.redhat.com/errata/RHSA-2011-0542.html, and https://rhn.redhat.com/errata/RHSA-2011-0500.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for\nthis issue is not currently planned to be included in the future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1163" }, { "category": "external", "summary": "RHBZ#688021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=688021" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1163", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1163" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1163", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1163" } ], "release_date": "2011-03-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: fs/partitions: Corrupted OSF partition table infoleak" }, { "acknowledgments": [ { "names": [ "Vasiliy Kulikov" ], "organization": "Openwall" } ], "cve": "CVE-2011-1170", "discovery_date": "2011-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "689321" } ], "notes": [ { "category": "description", "text": "net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected \u0027\\0\u0027 character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ipv4: netfilter: arp_tables: fix infoleak to userspace", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance\nlife-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore\nthe fix for this issue is not currently planned to be included in the future\nupdates. Future kernel updates in Red Hat Enterprise Linux 5, 6 and Red Hat\nEnterprise MRG may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1170" }, { "category": "external", "summary": "RHBZ#689321", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=689321" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1170", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1170" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1170", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1170" } ], "release_date": "2011-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: ipv4: netfilter: arp_tables: fix infoleak to userspace" }, { "acknowledgments": [ { "names": [ "Vasiliy Kulikov" ], "organization": "Openwall" } ], "cve": "CVE-2011-1171", "discovery_date": "2011-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "689327" } ], "notes": [ { "category": "description", "text": "net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected \u0027\\0\u0027 character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance\nlife-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates. Future kernel updates in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1171" }, { "category": "external", "summary": "RHBZ#689327", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=689327" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1171", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1171" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1171", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1171" } ], "release_date": "2011-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: ipv4: netfilter: ip_tables: fix infoleak to userspace" }, { "acknowledgments": [ { "names": [ "Vasiliy Kulikov" ], "organization": "Openwall" } ], "cve": "CVE-2011-1172", "discovery_date": "2011-03-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "689345" } ], "notes": [ { "category": "description", "text": "net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected \u0027\\0\u0027 character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle,\nhttps://access.redhat.com/support/policy/updates/errata/, therefore the fix for\nthis issue is not currently planned to be included in the future updates. Future kernel updates in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise\nMRG may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1172" }, { "category": "external", "summary": "RHBZ#689345", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=689345" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1172", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1172" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1172", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1172" } ], "release_date": "2011-03-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-05-10T17:16:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2011:0500" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.33.9-rt31.64.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-0:2.6.33.9-rt31.64.el5rt.x86_64", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.i686", "5Server-MRG-Realtime-1.0:perf-debuginfo-0:2.6.33.9-rt31.64.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: ipv6: netfilter: ip6_tables: fix infoleak to userspace" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.