rhsa-2012_0333
Vulnerability from csaf_redhat
Published
2012-02-23 20:18
Modified
2024-09-13 07:58
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
Updated kernel-rt packages that fix multiple security issues and various
bugs are now available for Red Hat Enterprise MRG 2.1.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
These packages contain the Linux kernel.
Security fixes:
* SG_IO ioctl SCSI requests on partitions or LVM volumes could be passed to
the underlying block device, allowing a privileged user to bypass
restrictions and gain read and write access (and be able to issue other
SCSI commands) to the entire block device. (CVE-2011-4127, Important)
* A local, unprivileged user could use an integer overflow flaw in
drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their
privileges. (CVE-2012-0044, Important)
* A local, unprivileged user could use a flaw in the Performance Events
implementation to cause a denial of service. (CVE-2011-2918, Moderate)
* A local, unprivileged user could use flaws in the XFS file system
implementation to cause a denial of service or escalate their privileges by
mounting a specially-crafted disk. (CVE-2011-4077, CVE-2012-0038, Moderate)
* A local, unprivileged user could use a flaw in the Out of Memory (OOM)
killer to monopolize memory, have their process skipped by the OOM killer,
or cause other tasks to be terminated. (CVE-2011-4097, Moderate)
* A local, unprivileged user could use a flaw in the key management
facility to cause a denial of service. (CVE-2011-4110, Moderate)
* A malicious Network File System version 4 (NFSv4) server could return a
crafted reply to a GETACL request, causing a denial of service on the
client. (CVE-2011-4131, Moderate)
* A local attacker could use a flaw in the Journaling Block Device (JBD) to
crash the system by mounting a specially-crafted ext3 or ext4 disk.
(CVE-2011-4132, Moderate)
* A flaw in igmp_heard_query() could allow an attacker, who is able to send
certain IGMP (Internet Group Management Protocol) packets to a target
system, to cause a denial of service. (CVE-2012-0207, Moderate)
* If lock contention during signal sending occurred when in a software
interrupt handler that is using the per-CPU debug stack, the task could be
scheduled out on the realtime kernel, possibly leading to debug stack
corruption. A local, unprivileged user could use this flaw to cause a
denial of service. (CVE-2012-0810, Moderate)
Red Hat would like to thank Chen Haogang for reporting CVE-2012-0044;
Wang Xi for reporting CVE-2012-0038; Shubham Goyal for reporting
CVE-2011-4097; Andy Adamson for reporting CVE-2011-4131; and Simon McVittie
for reporting CVE-2012-0207.
Bug fixes:
* When a sleeping task, waiting on a futex (fast userspace mutex), tried to
get the spin_lock(hb->lock) RT-mutex, if the owner of the futex released
the lock, the sleeping task was put on a futex proxy lock. Consequently,
the sleeping task was blocked on two locks and eventually terminated in the
BUG_ON() function. With this update, the WAKEUP_INPROGRESS pseudo-lock has
been added to be used as a proxy lock. This pseudo-lock tells the sleeping
task that it is being woken up so that the task no longer tries to get the
second lock. Now, the futex code works as expected and sleeping tasks no
longer crash in the described scenario. (BZ#784733)
* When the CONFIG_CRYPTO_FIPS configuration option was disabled, some
services such as sshd and ipsec, while working properly, returned warning
messages regarding this missing option during start up. With this update,
CONFIG_CRYPTO_FIPS has been enabled and no warning messages are now
returned in the described scenario. (BZ#786145)
* Previously, when a read operation on a loop device failed, the data
successfully read from the device was not cleared and could eventually
leak. This bug has been fixed and all data are now properly cleared in the
described scenario. (BZ#761420)
* Due to an assembler-sourced object, the perf utility (from the perf-rt
package) for AMD64 and Intel 64 architectures contained an executable
stack. This update adds the ".note.GNU-stack" section definition to the
bench/mem-memcpy-x86-64-asm.S component of perf, with all flags disabled,
and perf no longer contains an executable stack, thus fixing this bug.
(BZ#783570)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kernel-rt packages that fix multiple security issues and various\nbugs are now available for Red Hat Enterprise MRG 2.1.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "These packages contain the Linux kernel.\n\nSecurity fixes:\n\n* SG_IO ioctl SCSI requests on partitions or LVM volumes could be passed to\nthe underlying block device, allowing a privileged user to bypass\nrestrictions and gain read and write access (and be able to issue other\nSCSI commands) to the entire block device. (CVE-2011-4127, Important)\n\n* A local, unprivileged user could use an integer overflow flaw in\ndrm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their\nprivileges. (CVE-2012-0044, Important)\n\n* A local, unprivileged user could use a flaw in the Performance Events\nimplementation to cause a denial of service. (CVE-2011-2918, Moderate)\n\n* A local, unprivileged user could use flaws in the XFS file system\nimplementation to cause a denial of service or escalate their privileges by\nmounting a specially-crafted disk. (CVE-2011-4077, CVE-2012-0038, Moderate)\n\n* A local, unprivileged user could use a flaw in the Out of Memory (OOM)\nkiller to monopolize memory, have their process skipped by the OOM killer,\nor cause other tasks to be terminated. (CVE-2011-4097, Moderate)\n\n* A local, unprivileged user could use a flaw in the key management\nfacility to cause a denial of service. (CVE-2011-4110, Moderate)\n\n* A malicious Network File System version 4 (NFSv4) server could return a\ncrafted reply to a GETACL request, causing a denial of service on the\nclient. (CVE-2011-4131, Moderate)\n\n* A local attacker could use a flaw in the Journaling Block Device (JBD) to\ncrash the system by mounting a specially-crafted ext3 or ext4 disk.\n(CVE-2011-4132, Moderate)\n\n* A flaw in igmp_heard_query() could allow an attacker, who is able to send\ncertain IGMP (Internet Group Management Protocol) packets to a target\nsystem, to cause a denial of service. (CVE-2012-0207, Moderate)\n\n* If lock contention during signal sending occurred when in a software\ninterrupt handler that is using the per-CPU debug stack, the task could be\nscheduled out on the realtime kernel, possibly leading to debug stack\ncorruption. A local, unprivileged user could use this flaw to cause a\ndenial of service. (CVE-2012-0810, Moderate)\n\nRed Hat would like to thank Chen Haogang for reporting CVE-2012-0044;\nWang Xi for reporting CVE-2012-0038; Shubham Goyal for reporting\nCVE-2011-4097; Andy Adamson for reporting CVE-2011-4131; and Simon McVittie\nfor reporting CVE-2012-0207.\n\nBug fixes:\n\n* When a sleeping task, waiting on a futex (fast userspace mutex), tried to\nget the spin_lock(hb-\u003elock) RT-mutex, if the owner of the futex released\nthe lock, the sleeping task was put on a futex proxy lock. Consequently,\nthe sleeping task was blocked on two locks and eventually terminated in the\nBUG_ON() function. With this update, the WAKEUP_INPROGRESS pseudo-lock has\nbeen added to be used as a proxy lock. This pseudo-lock tells the sleeping\ntask that it is being woken up so that the task no longer tries to get the\nsecond lock. Now, the futex code works as expected and sleeping tasks no\nlonger crash in the described scenario. (BZ#784733)\n\n* When the CONFIG_CRYPTO_FIPS configuration option was disabled, some\nservices such as sshd and ipsec, while working properly, returned warning\nmessages regarding this missing option during start up. With this update,\nCONFIG_CRYPTO_FIPS has been enabled and no warning messages are now\nreturned in the described scenario. (BZ#786145)\n\n* Previously, when a read operation on a loop device failed, the data\nsuccessfully read from the device was not cleared and could eventually\nleak. This bug has been fixed and all data are now properly cleared in the\ndescribed scenario. (BZ#761420)\n\n* Due to an assembler-sourced object, the perf utility (from the perf-rt\npackage) for AMD64 and Intel 64 architectures contained an executable\nstack. This update adds the \".note.GNU-stack\" section definition to the\nbench/mem-memcpy-x86-64-asm.S component of perf, with all flags disabled,\nand perf no longer contains an executable stack, thus fixing this bug.\n(BZ#783570)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2012:0333",
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "730706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730706"
},
{
"category": "external",
"summary": "747106",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=747106"
},
{
"category": "external",
"summary": "749156",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749156"
},
{
"category": "external",
"summary": "750399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=750399"
},
{
"category": "external",
"summary": "751297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=751297"
},
{
"category": "external",
"summary": "752375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752375"
},
{
"category": "external",
"summary": "753341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=753341"
},
{
"category": "external",
"summary": "772867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772867"
},
{
"category": "external",
"summary": "772894",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772894"
},
{
"category": "external",
"summary": "773280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=773280"
},
{
"category": "external",
"summary": "784733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=784733"
},
{
"category": "external",
"summary": "786145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=786145"
},
{
"category": "external",
"summary": "794557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=794557"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2012/rhsa-2012_0333.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2024-09-13T07:58:48+00:00",
"generator": {
"date": "2024-09-13T07:58:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2012:0333",
"initial_release_date": "2012-02-23T20:18:00+00:00",
"revision_history": [
{
"date": "2012-02-23T20:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2012-02-23T20:21:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T07:58:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
"product": {
"name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise MRG for RHEL-6"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"product": {
"name": "kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"product_id": "kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-firmware@3.0.18-rt34.53.el6rt?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"product": {
"name": "kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"product_id": "kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@3.0.18-rt34.53.el6rt?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"product_id": "kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@3.0.18-rt34.53.el6rt?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"product": {
"name": "kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"product_id": "kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.0.18-rt34.53.el6rt?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.0.18-rt34.53.el6rt.src as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src"
},
"product_reference": "kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch"
},
"product_reference": "kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch"
},
"product_reference": "kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-2918",
"discovery_date": "2011-07-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "730706"
}
],
"notes": [
{
"category": "description",
"text": "The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: perf: Fix software event overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect Red Hat Enterprise Linux 4 and 5 as they did not include support for perf. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1350.html and https://rhn.redhat.com/errata/RHSA-2012-0333.html.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2918"
},
{
"category": "external",
"summary": "RHBZ#730706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2918",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2918"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2918",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2918"
}
],
"release_date": "2011-07-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: perf: Fix software event overflow"
},
{
"cve": "CVE-2011-4077",
"discovery_date": "2011-04-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749156"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xfs: potential buffer overflow in xfs_readlink()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not include support for XFS filesystem. This has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0007.html, https://rhn.redhat.com/errata/RHSA-2012-0350.html, and https://rhn.redhat.com/errata/RHSA-2012-0333.html.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-4077"
},
{
"category": "external",
"summary": "RHBZ#749156",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749156"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-4077",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4077"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4077",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4077"
}
],
"release_date": "2011-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: xfs: potential buffer overflow in xfs_readlink()"
},
{
"acknowledgments": [
{
"names": [
"Shubham Goyal"
]
}
],
"cve": "CVE-2011-4097",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2011-11-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "750399"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: oom_badness() integer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, and 6 as they did not backport the upstream commit f755a04 that introduced this. This has been addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0333.html.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-4097"
},
{
"category": "external",
"summary": "RHBZ#750399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=750399"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-4097",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4097"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4097",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4097"
}
],
"release_date": "2011-10-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: oom_badness() integer overflow"
},
{
"cve": "CVE-2011-4110",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2011-11-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "751297"
}
],
"notes": [
{
"category": "description",
"text": "The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and \"updating a negative key into a fully instantiated key.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: keys: NULL pointer deref in the user-defined key type",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4,\n5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1479.html, https://rhn.redhat.com/errata/RHSA-2011-1530.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-4110"
},
{
"category": "external",
"summary": "RHBZ#751297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=751297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-4110",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4110"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4110",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4110"
}
],
"release_date": "2011-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: keys: NULL pointer deref in the user-defined key type"
},
{
"cve": "CVE-2011-4127",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2011-11-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752375"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possible privilege escalation via SG_IO ioctl",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4,\n5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0107.html, https://rhn.redhat.com/errata/RHSA-2011-1849.html, and https://rhn.redhat.com/errata/RHSA-2012-0333.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-4127"
},
{
"category": "external",
"summary": "RHBZ#752375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752375"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-4127",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4127"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4127",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4127"
}
],
"release_date": "2011-12-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.4,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: possible privilege escalation via SG_IO ioctl"
},
{
"acknowledgments": [
{
"names": [
"Andy Adamson"
]
}
],
"cve": "CVE-2011-4131",
"discovery_date": "2011-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "747106"
}
],
"notes": [
{
"category": "description",
"text": "The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: nfs4_getfacl decoding kernel oops",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it does not provide support for NFS ACLs. This issue does not affect the Linux kernel as shipped with Red Hat Enterprise Linux 5. This has been addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0333.html. Future kernel updates in Red Hat Enterprise Linux 6 may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-4131"
},
{
"category": "external",
"summary": "RHBZ#747106",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=747106"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-4131",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4131"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4131",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4131"
}
],
"release_date": "2011-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: nfs4_getfacl decoding kernel oops"
},
{
"cve": "CVE-2011-4132",
"discovery_date": "2011-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "753341"
}
],
"notes": [
{
"category": "description",
"text": "The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an \"invalid log first block value.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: jbd/jbd2: invalid value of first log block leads to oops",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4,\n5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0007.html, https://rhn.redhat.com/errata/RHSA-2012-0350.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat\nEnterprise Linux 4 is now in Production 3 of the maintenance life-cycle,\nhttps://access.redhat.com/support/policy/updates/errata/, therefore the fix for\nthis issue is not currently planned to be included in the future updates.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-4132"
},
{
"category": "external",
"summary": "RHBZ#753341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=753341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-4132",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4132"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4132",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4132"
}
],
"release_date": "2011-11-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: jbd/jbd2: invalid value of first log block leads to oops"
},
{
"acknowledgments": [
{
"names": [
"Wang Xi"
]
}
],
"cve": "CVE-2012-0038",
"discovery_date": "2012-01-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "773280"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xfs heap overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not have support for the XFS file system. It did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 5 as it did not backport the upstream commit ef14f0c1 that introduced the vulnerability. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0350.html, and https://rhn.redhat.com/errata/RHSA-2012-0333.html.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-0038"
},
{
"category": "external",
"summary": "RHBZ#773280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=773280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-0038",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0038"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0038",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0038"
}
],
"release_date": "2011-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: xfs heap overflow"
},
{
"acknowledgments": [
{
"names": [
"Chen Haogang"
]
}
],
"cve": "CVE-2012-0044",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2012-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "772894"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport commit 884840aa that introduced this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-0044"
},
{
"category": "external",
"summary": "RHBZ#772894",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772894"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-0044",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0044"
}
],
"release_date": "2011-11-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()"
},
{
"acknowledgments": [
{
"names": [
"Simon McVittie"
]
}
],
"cve": "CVE-2012-0207",
"discovery_date": "2012-01-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "772867"
}
],
"notes": [
{
"category": "description",
"text": "The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not backport the upstream commit 5b7c8406.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-0207"
},
{
"category": "external",
"summary": "RHBZ#772867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-0207",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0207"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0207",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0207"
}
],
"release_date": "2012-01-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries"
},
{
"cve": "CVE-2012-0810",
"discovery_date": "2012-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "794557"
}
],
"notes": [
{
"category": "description",
"text": "The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel-rt: stack corruption when task gets scheduled out using the debug stack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, and 6. This has been addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0333.html.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-0810"
},
{
"category": "external",
"summary": "RHBZ#794557",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=794557"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-0810",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0810"
}
],
"release_date": "2012-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:0333"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel-rt: stack corruption when task gets scheduled out using the debug stack"
}
]
}
Loading...