rhsa-2012_1150
Vulnerability from csaf_redhat
Published
2012-08-08 16:31
Modified
2024-11-22 05:45
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
Updated kernel-rt packages that fix two security issues and two bugs are
now available for Red Hat Enterprise MRG 2.1.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
* A memory leak flaw was found in the way the Linux kernel's memory
subsystem handled resource clean up in the mmap() failure path when the
MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to
cause a denial of service. (CVE-2012-2390, Moderate)
* A flaw was found in the way the Linux kernel's Event Poll (epoll)
subsystem handled resource clean up when an ELOOP error code was returned.
A local, unprivileged user could use this flaw to cause a denial of
service. (CVE-2012-3375, Moderate)
This update also fixes the following bugs:
* The MRG 2.1 realtime kernel lacked support for automatic memory
reservation for the kdump kernel, as present in Red Hat Enterprise Linux
kernels. Using the parameter crashkernel=auto on the kernel boot command
line led to kdump being disabled because no memory was correctly reserved.
Support for crashkernel=auto has been implemented in the 3.0 realtime
kernel and now when the crashkernel=auto parameter is specified, machines
with more than 4GB of RAM have the amount of memory required by the kdump
kernel calculated and reserved. (BZ#820427)
* The current bnx2x driver in the MRG 2.1 realtime kernel had faulty
support for the network adapter PCI ID 14e4:168e and did not work
correctly. The bnx2x driver was updated to include support for this network
adapter. (BZ#839037)
Users should upgrade to these updated packages, which upgrade the kernel-rt
kernel to version kernel-rt-3.0.36-rt57, and correct these issues. The
system must be rebooted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kernel-rt packages that fix two security issues and two bugs are\nnow available for Red Hat Enterprise MRG 2.1.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A memory leak flaw was found in the way the Linux kernel\u0027s memory\nsubsystem handled resource clean up in the mmap() failure path when the\nMAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to\ncause a denial of service. (CVE-2012-2390, Moderate)\n\n* A flaw was found in the way the Linux kernel\u0027s Event Poll (epoll)\nsubsystem handled resource clean up when an ELOOP error code was returned.\nA local, unprivileged user could use this flaw to cause a denial of\nservice. (CVE-2012-3375, Moderate)\n\nThis update also fixes the following bugs:\n\n* The MRG 2.1 realtime kernel lacked support for automatic memory\nreservation for the kdump kernel, as present in Red Hat Enterprise Linux\nkernels. Using the parameter crashkernel=auto on the kernel boot command\nline led to kdump being disabled because no memory was correctly reserved.\nSupport for crashkernel=auto has been implemented in the 3.0 realtime\nkernel and now when the crashkernel=auto parameter is specified, machines\nwith more than 4GB of RAM have the amount of memory required by the kdump\nkernel calculated and reserved. (BZ#820427)\n\n* The current bnx2x driver in the MRG 2.1 realtime kernel had faulty\nsupport for the network adapter PCI ID 14e4:168e and did not work\ncorrectly. The bnx2x driver was updated to include support for this network\nadapter. (BZ#839037)\n\nUsers should upgrade to these updated packages, which upgrade the kernel-rt\nkernel to version kernel-rt-3.0.36-rt57, and correct these issues. The\nsystem must be rebooted for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2012:1150",
"url": "https://access.redhat.com/errata/RHSA-2012:1150"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "824345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824345"
},
{
"category": "external",
"summary": "837502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=837502"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1150.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T05:45:39+00:00",
"generator": {
"date": "2024-11-22T05:45:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2012:1150",
"initial_release_date": "2012-08-08T16:31:00+00:00",
"revision_history": [
{
"date": "2012-08-08T16:31:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2012-08-08T16:31:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T05:45:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
"product": {
"name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise MRG for RHEL-6"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch",
"product": {
"name": "kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch",
"product_id": "kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@3.0.36-rt57.66.el6rt?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch",
"product": {
"name": "kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch",
"product_id": "kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-firmware@3.0.36-rt57.66.el6rt?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product_id": "kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@3.0.36-rt57.66.el6rt?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:3.0.36-rt57.66.el6rt.src",
"product": {
"name": "kernel-rt-0:3.0.36-rt57.66.el6rt.src",
"product_id": "kernel-rt-0:3.0.36-rt57.66.el6rt.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.0.36-rt57.66.el6rt?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.0.36-rt57.66.el6rt.src as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.src"
},
"product_reference": "kernel-rt-0:3.0.36-rt57.66.el6rt.src",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch"
},
"product_reference": "kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch"
},
"product_reference": "kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
"product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"relates_to_product_reference": "6Server-MRG-Realtime-2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-2390",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2012-05-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "824345"
}
],
"notes": [
{
"category": "description",
"text": "Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service (memory consumption or system crash) via invalid MAP_HUGETLB mmap operations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: huge pages: memory leak on mmap failure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5 as they did not include the upstream commit 84afd99b that introduced this issue. Future kernel updates for Red Hat Enterprise Linux 6 may address this issue.\n\nThis has been addressed in Red Hat Enterprise Linux Red Hat Enterprise MRG 2 via https://rhn.redhat.com/errata/RHSA-2012-1150.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-2390"
},
{
"category": "external",
"summary": "RHBZ#824345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-2390",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2390"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-2390",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-2390"
}
],
"release_date": "2012-05-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-08-08T16:31:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1150"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: huge pages: memory leak on mmap failure"
},
{
"cve": "CVE-2012-3375",
"discovery_date": "2012-04-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "837502"
}
],
"notes": [
{
"category": "description",
"text": "The epoll_ctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLL_CTL_ADD operations, which allows local users to cause a denial of service (file-descriptor consumption and system crash) via a crafted application that attempts to create a circular epoll dependency. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-1083.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: epoll: can leak file descriptors when returning -ELOOP",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, since updates fixing CVE-2011-1083 contained a corrected patch that did not introduce this regression. \n\nThis has been addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2012-1061.html, and Red Hat Enterprise Linux Red Hat Enterprise MRG 2 via https://rhn.redhat.com/errata/RHSA-2012-1150.html",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-3375"
},
{
"category": "external",
"summary": "RHBZ#837502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=837502"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-3375",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3375"
}
],
"release_date": "2012-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2012-08-08T16:31:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.",
"product_ids": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2012:1150"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.src",
"6Server-MRG-Realtime-2:kernel-rt-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.36-rt57.66.el6rt.noarch",
"6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.36-rt57.66.el6rt.x86_64",
"6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.36-rt57.66.el6rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: epoll: can leak file descriptors when returning -ELOOP"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.