rhsa-2013_1080
Vulnerability from csaf_redhat
Published
2013-07-16 17:18
Modified
2024-11-22 07:10
Summary
Red Hat Security Advisory: kernel security and bug fix update
Notes
Topic
Updated kernel packages that fix multiple security issues and several bugs
are now available for Red Hat OpenStack 3.0.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4
kernel. These custom kernel packages include support for network
namespaces, this support is required to facilitate advanced OpenStack
Networking deployments.
This update fixes the following security issues:
* A flaw was found in the tcp_read_sock() function in the Linux kernel's
IPv4 TCP/IP protocol suite implementation in the way socket buffers (skb)
were handled. A local, unprivileged user could trigger this issue via a
call to splice(), leading to a denial of service. (CVE-2013-2128,
Moderate)
* Information leak flaws in the Linux kernel could allow a local,
unprivileged user to leak kernel memory to user-space. (CVE-2012-6548,
CVE-2013-2634, CVE-2013-2635, CVE-2013-3222, CVE-2013-3224, CVE-2013-3225,
Low)
* An information leak was found in the Linux kernel's POSIX signals
implementation. A local, unprivileged user could use this flaw to bypass
the Address Space Layout Randomization (ASLR) security feature.
(CVE-2013-0914, Low)
* A format string flaw was found in the ext3_msg() function in the Linux
kernel's ext3 file system implementation. A local user who is able to mount
an ext3 file system could use this flaw to cause a denial of service or,
potentially, escalate their privileges. (CVE-2013-1848, Low)
* A format string flaw was found in the b43_do_request_fw() function in the
Linux kernel's b43 driver implementation. A local user who is able to
specify the "fwpostfix" b43 module parameter could use this flaw to cause a
denial of service or, potentially, escalate their privileges.
(CVE-2013-2852, Low)
* A NULL pointer dereference flaw was found in the Linux kernel's ftrace
and function tracer implementations. A local user who has the CAP_SYS_ADMIN
capability could use this flaw to cause a denial of service.
(CVE-2013-3301, Low)
Red Hat would like to thank Kees Cook for reporting CVE-2013-2852.
More information on the Red Hat Enterprise Linux 6.4 kernel packages upon
which these custom kernel packages are based is available in
RHSA-2013:1051:
https://rhn.redhat.com/errata/RHSA-2013-1051.html
All Red Hat OpenStack 3.0 users deploying the OpenStack Networking service
are advised to install these updated packages.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kernel packages that fix multiple security issues and several bugs\nare now available for Red Hat OpenStack 3.0.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4\nkernel. These custom kernel packages include support for network\nnamespaces, this support is required to facilitate advanced OpenStack\nNetworking deployments.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the tcp_read_sock() function in the Linux kernel\u0027s\nIPv4 TCP/IP protocol suite implementation in the way socket buffers (skb)\nwere handled. A local, unprivileged user could trigger this issue via a\ncall to splice(), leading to a denial of service. (CVE-2013-2128,\nModerate)\n\n* Information leak flaws in the Linux kernel could allow a local,\nunprivileged user to leak kernel memory to user-space. (CVE-2012-6548,\nCVE-2013-2634, CVE-2013-2635, CVE-2013-3222, CVE-2013-3224, CVE-2013-3225,\nLow)\n\n* An information leak was found in the Linux kernel\u0027s POSIX signals\nimplementation. A local, unprivileged user could use this flaw to bypass\nthe Address Space Layout Randomization (ASLR) security feature.\n(CVE-2013-0914, Low)\n\n* A format string flaw was found in the ext3_msg() function in the Linux\nkernel\u0027s ext3 file system implementation. A local user who is able to mount\nan ext3 file system could use this flaw to cause a denial of service or,\npotentially, escalate their privileges. (CVE-2013-1848, Low)\n\n* A format string flaw was found in the b43_do_request_fw() function in the\nLinux kernel\u0027s b43 driver implementation. A local user who is able to\nspecify the \"fwpostfix\" b43 module parameter could use this flaw to cause a\ndenial of service or, potentially, escalate their privileges.\n(CVE-2013-2852, Low)\n\n* A NULL pointer dereference flaw was found in the Linux kernel\u0027s ftrace\nand function tracer implementations. A local user who has the CAP_SYS_ADMIN\ncapability could use this flaw to cause a denial of service.\n(CVE-2013-3301, Low)\n\nRed Hat would like to thank Kees Cook for reporting CVE-2013-2852.\n\nMore information on the Red Hat Enterprise Linux 6.4 kernel packages upon\nwhich these custom kernel packages are based is available in\nRHSA-2013:1051:\n\nhttps://rhn.redhat.com/errata/RHSA-2013-1051.html\n\nAll Red Hat OpenStack 3.0 users deploying the OpenStack Networking service\nare advised to install these updated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1080",
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://rhn.redhat.com/errata/RHSA-2013-1051.html",
"url": "https://rhn.redhat.com/errata/RHSA-2013-1051.html"
},
{
"category": "external",
"summary": "https://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/",
"url": "https://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/"
},
{
"category": "external",
"summary": "920499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=920499"
},
{
"category": "external",
"summary": "920783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=920783"
},
{
"category": "external",
"summary": "922353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=922353"
},
{
"category": "external",
"summary": "924689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=924689"
},
{
"category": "external",
"summary": "924690",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=924690"
},
{
"category": "external",
"summary": "952197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=952197"
},
{
"category": "external",
"summary": "955216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=955216"
},
{
"category": "external",
"summary": "955599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=955599"
},
{
"category": "external",
"summary": "955649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=955649"
},
{
"category": "external",
"summary": "968484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=968484"
},
{
"category": "external",
"summary": "969518",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=969518"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1080.json"
}
],
"title": "Red Hat Security Advisory: kernel security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T07:10:45+00:00",
"generator": {
"date": "2024-11-22T07:10:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1080",
"initial_release_date": "2013-07-16T17:18:00+00:00",
"revision_history": [
{
"date": "2013-07-16T17:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-07-16T17:21:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:10:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux OpenStack Platform 3.0",
"product": {
"name": "Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:3::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf-debuginfo@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product": {
"name": "python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_id": "python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf@2.6.32-358.114.1.openstack.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:2.6.32-358.114.1.openstack.el6.src",
"product": {
"name": "kernel-0:2.6.32-358.114.1.openstack.el6.src",
"product_id": "kernel-0:2.6.32-358.114.1.openstack.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.32-358.114.1.openstack.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"product": {
"name": "kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"product_id": "kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@2.6.32-358.114.1.openstack.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"product": {
"name": "kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"product_id": "kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-firmware@2.6.32-358.114.1.openstack.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-358.114.1.openstack.el6.src as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src"
},
"product_reference": "kernel-0:2.6.32-358.114.1.openstack.el6.src",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch"
},
"product_reference": "kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch"
},
"product_reference": "kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 3.0",
"product_id": "6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
},
"product_reference": "python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"relates_to_product_reference": "6Server-Grizzly"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-6548",
"discovery_date": "2013-03-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "922353"
}
],
"notes": [
{
"category": "description",
"text": "The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: udf: information leak on export",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.\n\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6. Future kernel updates for Red Hat Enterprise Linux 6 may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-6548"
},
{
"category": "external",
"summary": "RHBZ#922353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=922353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-6548",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-6548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6548"
}
],
"release_date": "2012-08-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-07-16T17:18:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nDetails on how to use the Red Hat Network to apply this update are\navailable at https://access.redhat.com/site/articles/11258\n\nThis Red Hat OpenStack 3.0 kernel may be installed by running this command\nwhile logged in as the root user on a system that has the required\nentitlements and subscriptions attached:\n\n# yum install \"kernel-2.6.*.openstack.el6.x86_64\"\n\nDocumentation for both stable and preview releases of Red Hat OpenStack is\navailable at:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/\n\nIn particular it is highly recommended that all users read the Release\nNotes document for the relevant Red Hat OpenStack release prior to\ninstallation.",
"product_ids": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Kernel: udf: information leak on export"
},
{
"cve": "CVE-2013-0914",
"discovery_date": "2013-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "920499"
}
],
"notes": [
{
"category": "description",
"text": "The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: sa_restorer information leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2 may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0914"
},
{
"category": "external",
"summary": "RHBZ#920499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=920499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0914",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0914"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0914",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0914"
}
],
"release_date": "2013-03-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-07-16T17:18:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nDetails on how to use the Red Hat Network to apply this update are\navailable at https://access.redhat.com/site/articles/11258\n\nThis Red Hat OpenStack 3.0 kernel may be installed by running this command\nwhile logged in as the root user on a system that has the required\nentitlements and subscriptions attached:\n\n# yum install \"kernel-2.6.*.openstack.el6.x86_64\"\n\nDocumentation for both stable and preview releases of Red Hat OpenStack is\navailable at:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/\n\nIn particular it is highly recommended that all users read the Release\nNotes document for the relevant Red Hat OpenStack release prior to\ninstallation.",
"product_ids": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Kernel: sa_restorer information leak"
},
{
"cve": "CVE-2013-1848",
"discovery_date": "2013-03-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "920783"
}
],
"notes": [
{
"category": "description",
"text": "fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ext3: format string issues",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 because it did not backport the commit 4cf46b67eb that introduced this issue.\n\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-1848"
},
{
"category": "external",
"summary": "RHBZ#920783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=920783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-1848",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1848"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1848",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1848"
}
],
"release_date": "2013-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-07-16T17:18:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nDetails on how to use the Red Hat Network to apply this update are\navailable at https://access.redhat.com/site/articles/11258\n\nThis Red Hat OpenStack 3.0 kernel may be installed by running this command\nwhile logged in as the root user on a system that has the required\nentitlements and subscriptions attached:\n\n# yum install \"kernel-2.6.*.openstack.el6.x86_64\"\n\nDocumentation for both stable and preview releases of Red Hat OpenStack is\navailable at:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/\n\nIn particular it is highly recommended that all users read the Release\nNotes document for the relevant Red Hat OpenStack release prior to\ninstallation.",
"product_ids": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: ext3: format string issues"
},
{
"cve": "CVE-2013-2128",
"discovery_date": "2012-10-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "968484"
}
],
"notes": [
{
"category": "description",
"text": "The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: net: oops from tcp_collapse() when using splice(2)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.\n\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6. Future kernel updates for Red Hat Enterprise Linux 6 may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2128"
},
{
"category": "external",
"summary": "RHBZ#968484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=968484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2128",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2128"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2128",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2128"
}
],
"release_date": "2010-03-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-07-16T17:18:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nDetails on how to use the Red Hat Network to apply this update are\navailable at https://access.redhat.com/site/articles/11258\n\nThis Red Hat OpenStack 3.0 kernel may be installed by running this command\nwhile logged in as the root user on a system that has the required\nentitlements and subscriptions attached:\n\n# yum install \"kernel-2.6.*.openstack.el6.x86_64\"\n\nDocumentation for both stable and preview releases of Red Hat OpenStack is\navailable at:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/\n\nIn particular it is highly recommended that all users read the Release\nNotes document for the relevant Red Hat OpenStack release prior to\ninstallation.",
"product_ids": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kernel: net: oops from tcp_collapse() when using splice(2)"
},
{
"cve": "CVE-2013-2634",
"discovery_date": "2013-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "924689"
}
],
"notes": [
{
"category": "description",
"text": "net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Information leak in the Data Center Bridging (DCB) component",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the version of the kernel package as shipped with\nRed Hat Enterprise Linux 5.\n\nThis issue does affect the versions of Linux kernel as shipped with\nRed Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates\nfor Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this\nissue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2634"
},
{
"category": "external",
"summary": "RHBZ#924689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=924689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2634"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2634",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2634"
}
],
"release_date": "2013-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-07-16T17:18:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nDetails on how to use the Red Hat Network to apply this update are\navailable at https://access.redhat.com/site/articles/11258\n\nThis Red Hat OpenStack 3.0 kernel may be installed by running this command\nwhile logged in as the root user on a system that has the required\nentitlements and subscriptions attached:\n\n# yum install \"kernel-2.6.*.openstack.el6.x86_64\"\n\nDocumentation for both stable and preview releases of Red Hat OpenStack is\navailable at:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/\n\nIn particular it is highly recommended that all users read the Release\nNotes document for the relevant Red Hat OpenStack release prior to\ninstallation.",
"product_ids": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Information leak in the Data Center Bridging (DCB) component"
},
{
"cve": "CVE-2013-2635",
"discovery_date": "2013-03-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "924690"
}
],
"notes": [
{
"category": "description",
"text": "The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Information leak in the RTNETLINK component",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the version of the kernel package as shipped with\nRed Hat Enterprise Linux 5.\n\nThis issue does affect the versions of Linux kernel as shipped with\nRed Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates\nfor Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this\nissue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2635"
},
{
"category": "external",
"summary": "RHBZ#924690",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=924690"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2635",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2635"
}
],
"release_date": "2013-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-07-16T17:18:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nDetails on how to use the Red Hat Network to apply this update are\navailable at https://access.redhat.com/site/articles/11258\n\nThis Red Hat OpenStack 3.0 kernel may be installed by running this command\nwhile logged in as the root user on a system that has the required\nentitlements and subscriptions attached:\n\n# yum install \"kernel-2.6.*.openstack.el6.x86_64\"\n\nDocumentation for both stable and preview releases of Red Hat OpenStack is\navailable at:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/\n\nIn particular it is highly recommended that all users read the Release\nNotes document for the relevant Red Hat OpenStack release prior to\ninstallation.",
"product_ids": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Information leak in the RTNETLINK component"
},
{
"acknowledgments": [
{
"names": [
"Kees Cook"
]
}
],
"cve": "CVE-2013-2852",
"discovery_date": "2013-05-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "969518"
}
],
"notes": [
{
"category": "description",
"text": "Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: b43: format string leaking into error msgs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5.\n\nThis issue does affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, and Red Hat Enterprise MRG. Future updates for Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-2852"
},
{
"category": "external",
"summary": "RHBZ#969518",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=969518"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-2852",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2852"
}
],
"release_date": "2013-06-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-07-16T17:18:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nDetails on how to use the Red Hat Network to apply this update are\navailable at https://access.redhat.com/site/articles/11258\n\nThis Red Hat OpenStack 3.0 kernel may be installed by running this command\nwhile logged in as the root user on a system that has the required\nentitlements and subscriptions attached:\n\n# yum install \"kernel-2.6.*.openstack.el6.x86_64\"\n\nDocumentation for both stable and preview releases of Red Hat OpenStack is\navailable at:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/\n\nIn particular it is highly recommended that all users read the Release\nNotes document for the relevant Red Hat OpenStack release prior to\ninstallation.",
"product_ids": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: b43: format string leaking into error msgs"
},
{
"cve": "CVE-2013-3222",
"discovery_date": "2013-04-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "955216"
}
],
"notes": [
{
"category": "description",
"text": "The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: atm: update msg_namelen in vcc_recvmsg()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of the Linux kernel as shipped with\nRed Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2. Future kernel\nupdates for Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2 may\naddress this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-3222"
},
{
"category": "external",
"summary": "RHBZ#955216",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=955216"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-3222",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3222"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-3222",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3222"
}
],
"release_date": "2013-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-07-16T17:18:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nDetails on how to use the Red Hat Network to apply this update are\navailable at https://access.redhat.com/site/articles/11258\n\nThis Red Hat OpenStack 3.0 kernel may be installed by running this command\nwhile logged in as the root user on a system that has the required\nentitlements and subscriptions attached:\n\n# yum install \"kernel-2.6.*.openstack.el6.x86_64\"\n\nDocumentation for both stable and preview releases of Red Hat OpenStack is\navailable at:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/\n\nIn particular it is highly recommended that all users read the Release\nNotes document for the relevant Red Hat OpenStack release prior to\ninstallation.",
"product_ids": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Kernel: atm: update msg_namelen in vcc_recvmsg()"
},
{
"cve": "CVE-2013-3224",
"discovery_date": "2013-04-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "955599"
}
],
"notes": [
{
"category": "description",
"text": "The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: Bluetooth: possible info leak in bt_sock_recvmsg()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of the Linux kernel as shipped with\nRed Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2. Future kernel\nupdates for Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2 may\naddress this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-3224"
},
{
"category": "external",
"summary": "RHBZ#955599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=955599"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-3224",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3224"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-3224",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3224"
}
],
"release_date": "2013-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-07-16T17:18:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nDetails on how to use the Red Hat Network to apply this update are\navailable at https://access.redhat.com/site/articles/11258\n\nThis Red Hat OpenStack 3.0 kernel may be installed by running this command\nwhile logged in as the root user on a system that has the required\nentitlements and subscriptions attached:\n\n# yum install \"kernel-2.6.*.openstack.el6.x86_64\"\n\nDocumentation for both stable and preview releases of Red Hat OpenStack is\navailable at:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/\n\nIn particular it is highly recommended that all users read the Release\nNotes document for the relevant Red Hat OpenStack release prior to\ninstallation.",
"product_ids": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Kernel: Bluetooth: possible info leak in bt_sock_recvmsg()"
},
{
"cve": "CVE-2013-3225",
"discovery_date": "2013-04-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "955649"
}
],
"notes": [
{
"category": "description",
"text": "The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: Bluetooth: RFCOMM - missing msg_namelen update in rfcomm_sock_recvmsg",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the version of the kernel package as shipped with\nRed Hat Enterprise Linux 5.\n\nThis issue affects the versions of Linux kernel as shipped with\nRed Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates\nfor Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this\nissue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-3225"
},
{
"category": "external",
"summary": "RHBZ#955649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=955649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-3225",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3225"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-3225",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3225"
}
],
"release_date": "2013-04-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-07-16T17:18:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nDetails on how to use the Red Hat Network to apply this update are\navailable at https://access.redhat.com/site/articles/11258\n\nThis Red Hat OpenStack 3.0 kernel may be installed by running this command\nwhile logged in as the root user on a system that has the required\nentitlements and subscriptions attached:\n\n# yum install \"kernel-2.6.*.openstack.el6.x86_64\"\n\nDocumentation for both stable and preview releases of Red Hat OpenStack is\navailable at:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/\n\nIn particular it is highly recommended that all users read the Release\nNotes document for the relevant Red Hat OpenStack release prior to\ninstallation.",
"product_ids": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Kernel: Bluetooth: RFCOMM - missing msg_namelen update in rfcomm_sock_recvmsg"
},
{
"cve": "CVE-2013-3301",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2013-04-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "952197"
}
],
"notes": [
{
"category": "description",
"text": "The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: tracing: NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the version of the kernel package as shipped with\nRed Hat Enterprise Linux 5.\n\nThis issue affects the versions of Linux kernel as shipped with\nRed Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates\nfor Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this\nissue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-3301"
},
{
"category": "external",
"summary": "RHBZ#952197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=952197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-3301",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3301"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-3301",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3301"
}
],
"release_date": "2013-04-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-07-16T17:18:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nDetails on how to use the Red Hat Network to apply this update are\navailable at https://access.redhat.com/site/articles/11258\n\nThis Red Hat OpenStack 3.0 kernel may be installed by running this command\nwhile logged in as the root user on a system that has the required\nentitlements and subscriptions attached:\n\n# yum install \"kernel-2.6.*.openstack.el6.x86_64\"\n\nDocumentation for both stable and preview releases of Red Hat OpenStack is\navailable at:\n\nhttps://access.redhat.com/site/documentation/en-US/Red_Hat_OpenStack/\n\nIn particular it is highly recommended that all users read the Release\nNotes document for the relevant Red Hat OpenStack release prior to\ninstallation.",
"product_ids": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1080"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.4,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.src",
"6Server-Grizzly:kernel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debug-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-debuginfo-common-x86_64-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-devel-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:kernel-doc-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-firmware-0:2.6.32-358.114.1.openstack.el6.noarch",
"6Server-Grizzly:kernel-headers-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-0:2.6.32-358.114.1.openstack.el6.x86_64",
"6Server-Grizzly:python-perf-debuginfo-0:2.6.32-358.114.1.openstack.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Kernel: tracing: NULL pointer dereference"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.