rhsa-2014_1318
Vulnerability from csaf_redhat
Published
2014-09-29 19:41
Modified
2024-11-05 18:36
Summary
Red Hat Security Advisory: Red Hat Enterprise MRG Realtime 2.5 security and enhancement update
Notes
Topic
Updated Red Hat Enterprise MRG Realtime packages that fix multiple security
issues and add one enhancement are now available for Red Hat Enterprise MRG
2.5.
Red Hat Product Security has rated this update as having Moderate security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
Details
Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation
IT infrastructure for enterprise computing. MRG offers increased
performance, reliability, interoperability, and faster computing for
enterprise customers.
MRG Realtime provides the highest levels of predictability for consistent
low-latency response times to meet the needs of time-sensitive workloads.
MRG Realtime also provides new levels of determinism by optimizing lengthy
kernel code paths to ensure that they do not become bottlenecks. This
allows for better prioritization of applications, resulting in consistent,
predictable response times for high-priority applications.
* An out-of-bounds write flaw was found in the way the Apple Magic
Mouse/Trackpad multi-touch driver handled Human Interface Device (HID)
reports with an invalid size. An attacker with physical access to the
system could use this flaw to crash the system or, potentially, escalate
their privileges on the system. (CVE-2014-3181, Moderate)
* A memory corruption flaw was found in the way the USB ConnectTech
WhiteHEAT serial driver processed completion commands sent via USB Request
Blocks buffers. An attacker with physical access to the system could use
this flaw to crash the system or, potentially, escalate their privileges on
the system. (CVE-2014-3185, Moderate)
* A race condition flaw was found in the way the Linux kernel's mmap(2),
madvise(2), and fallocate(2) system calls interacted with each other while
operating on virtual memory file system files. A local user could use this
flaw to cause a denial of service. (CVE-2014-4171, Moderate)
* A stack overflow flaw caused by infinite recursion was found in the way
the Linux kernel's Universal Disk Format (UDF) file system implementation
processed indirect Information Control Blocks (ICBs). An attacker with
physical access to the system could use a specially crafted UDF image to
crash the system. (CVE-2014-6410, Low)
* An out-of-bounds read flaw was found in the way the Logitech Unifying
receiver driver handled HID reports with an invalid device_index value.
An attacker with physical access to the system could use this flaw to crash
the system or, potentially, escalate their privileges on the system.
(CVE-2014-3182, Low)
* Multiple out-of-bounds write flaws were found in the way the Cherry
Cymotion keyboard driver, KYE/Genius device drivers, Logitech device
drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote
control driver, and Sunplus wireless desktop driver handled HID reports
with an invalid report descriptor size. An attacker with physical access to
the system could use either of these flaws to write data past an allocated
memory buffer. (CVE-2014-3184, Low)
* It was found that the parse_rock_ridge_inode_internal() function of the
Linux kernel's ISOFS implementation did not correctly check relocated
directories when processing Rock Ridge child link (CL) tags. An attacker
with physical access to the system could use a specially crafted ISO image
to crash the system or, potentially, escalate their privileges on the
system. (CVE-2014-5471, CVE-2014-5472, Low)
This update also adds the following enhancement:
* The Solarflare SFC9120 10GBE Ethernet NICs were not supported by the MRG
Realtime kernel. With this update, the drivers have been updated to enable
the Solarflare SFC9120 cards on the Realtime kernel. (BZ#1086945)
All Red Hat Enterprise MRG Realtime users are advised to upgrade to these
updated packages, which contain backported patches to correct these issues
and add this enhancement.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated Red Hat Enterprise MRG Realtime packages that fix multiple security\nissues and add one enhancement are now available for Red Hat Enterprise MRG\n2.5.\n\nRed Hat Product Security has rated this update as having Moderate security\nimpact. Common Vulnerability Scoring System (CVSS) base scores, which give\ndetailed severity ratings, are available for each vulnerability from the\nCVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation\nIT infrastructure for enterprise computing. MRG offers increased\nperformance, reliability, interoperability, and faster computing for\nenterprise customers.\n\nMRG Realtime provides the highest levels of predictability for consistent\nlow-latency response times to meet the needs of time-sensitive workloads.\nMRG Realtime also provides new levels of determinism by optimizing lengthy\nkernel code paths to ensure that they do not become bottlenecks. This\nallows for better prioritization of applications, resulting in consistent,\npredictable response times for high-priority applications.\n\n* An out-of-bounds write flaw was found in the way the Apple Magic\nMouse/Trackpad multi-touch driver handled Human Interface Device (HID)\nreports with an invalid size. An attacker with physical access to the\nsystem could use this flaw to crash the system or, potentially, escalate\ntheir privileges on the system. (CVE-2014-3181, Moderate)\n\n* A memory corruption flaw was found in the way the USB ConnectTech\nWhiteHEAT serial driver processed completion commands sent via USB Request\nBlocks buffers. An attacker with physical access to the system could use\nthis flaw to crash the system or, potentially, escalate their privileges on\nthe system. (CVE-2014-3185, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel\u0027s mmap(2),\nmadvise(2), and fallocate(2) system calls interacted with each other while\noperating on virtual memory file system files. A local user could use this\nflaw to cause a denial of service. (CVE-2014-4171, Moderate)\n\n* A stack overflow flaw caused by infinite recursion was found in the way\nthe Linux kernel\u0027s Universal Disk Format (UDF) file system implementation\nprocessed indirect Information Control Blocks (ICBs). An attacker with\nphysical access to the system could use a specially crafted UDF image to\ncrash the system. (CVE-2014-6410, Low)\n\n* An out-of-bounds read flaw was found in the way the Logitech Unifying\nreceiver driver handled HID reports with an invalid device_index value.\nAn attacker with physical access to the system could use this flaw to crash\nthe system or, potentially, escalate their privileges on the system.\n(CVE-2014-3182, Low)\n\n* Multiple out-of-bounds write flaws were found in the way the Cherry\nCymotion keyboard driver, KYE/Genius device drivers, Logitech device\ndrivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote\ncontrol driver, and Sunplus wireless desktop driver handled HID reports\nwith an invalid report descriptor size. An attacker with physical access to\nthe system could use either of these flaws to write data past an allocated\nmemory buffer. (CVE-2014-3184, Low)\n\n* It was found that the parse_rock_ridge_inode_internal() function of the\nLinux kernel\u0027s ISOFS implementation did not correctly check relocated\ndirectories when processing Rock Ridge child link (CL) tags. An attacker\nwith physical access to the system could use a specially crafted ISO image\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-5471, CVE-2014-5472, Low)\n\nThis update also adds the following enhancement:\n\n* The Solarflare SFC9120 10GBE Ethernet NICs were not supported by the MRG\nRealtime kernel. With this update, the drivers have been updated to enable\nthe Solarflare SFC9120 cards on the Realtime kernel. (BZ#1086945)\n\nAll Red Hat Enterprise MRG Realtime users are advised to upgrade to these\nupdated packages, which contain backported patches to correct these issues\nand add this enhancement.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2014:1318", "url": "https://access.redhat.com/errata/RHSA-2014:1318" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1111180", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1111180" }, { "category": "external", "summary": "1134099", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1134099" }, { "category": "external", "summary": "1141173", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141173" }, { "category": "external", "summary": "1141210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141210" }, { "category": "external", "summary": "1141391", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141391" }, { "category": "external", "summary": "1141400", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141400" }, { "category": "external", "summary": "1141809", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141809" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1318.json" } ], "title": "Red Hat Security Advisory: Red Hat Enterprise MRG Realtime 2.5 security and enhancement update", "tracking": { "current_release_date": "2024-11-05T18:36:44+00:00", "generator": { "date": "2024-11-05T18:36:44+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2014:1318", "initial_release_date": "2014-09-29T19:41:06+00:00", "revision_history": [ { "date": "2014-09-29T19:41:06+00:00", "number": "1", "summary": "Initial version" }, { "date": "2014-09-29T19:41:06+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T18:36:44+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat MRG Realtime for RHEL 6 Server v.2", "product": { "name": "Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6" } } } ], "category": "product_family", "name": "Red Hat Enterprise MRG for RHEL-6" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.33-rt32.51.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product": { "name": "kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product_id": "kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.33-rt32.51.el6rt?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:3.10.33-rt32.51.el6rt.src", "product": { "name": "kernel-rt-0:3.10.33-rt32.51.el6rt.src", "product_id": "kernel-rt-0:3.10.33-rt32.51.el6rt.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.10.33-rt32.51.el6rt?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "product": { "name": "kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "product_id": "kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.33-rt32.51.el6rt?arch=noarch" } } }, { "category": "product_version", "name": "kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "product": { "name": "kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "product_id": "kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-firmware@3.10.33-rt32.51.el6rt?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.33-rt32.51.el6rt.src as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src" }, "product_reference": "kernel-rt-0:3.10.33-rt32.51.el6rt.src", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch" }, "product_reference": "kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch" }, "product_reference": "kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" }, "product_reference": "kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" } ] }, "vulnerabilities": [ { "cve": "CVE-2014-3181", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2014-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1141173" } ], "notes": [ { "category": "description", "text": "An out-of-bounds write flaw was found in the way the Apple Magic Mouse/Trackpad multi-touch driver handled Human Interface Device (HID) reports with an invalid size. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: HID: OOB write in magicmouse driver", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the version of the kernel package as shipped with\nRed Hat Enterprise Linux 5 and 6.\n\nThis issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2 may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-3181" }, { "category": "external", "summary": "RHBZ#1141173", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141173" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3181", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3181" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3181", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3181" } ], "release_date": "2014-08-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-09-29T19:41:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:1318" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Kernel: HID: OOB write in magicmouse driver" }, { "cve": "CVE-2014-3182", "discovery_date": "2014-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1141210" } ], "notes": [ { "category": "description", "text": "An out-of-bounds read flaw was found in the way the Logitech Unifying receiver driver handled HID reports with an invalid device_index value. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: HID: logitech-dj OOB array access", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the version of the kernel package as shipped with\nRed Hat Enterprise Linux 5 and 6.\n\nThis issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2 may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-3182" }, { "category": "external", "summary": "RHBZ#1141210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141210" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3182", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3182" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3182", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3182" } ], "release_date": "2014-08-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-09-29T19:41:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:1318" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Kernel: HID: logitech-dj OOB array access" }, { "cve": "CVE-2014-3184", "cwe": { "id": "CWE-193", "name": "Off-by-one Error" }, "discovery_date": "2014-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1141391" } ], "notes": [ { "category": "description", "text": "Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled HID reports with an invalid report descriptor size. An attacker with physical access to the system could use either of these flaws to write data past an allocated memory buffer.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: HID: off by one error in various _report_fixup routines", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-3184" }, { "category": "external", "summary": "RHBZ#1141391", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141391" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3184", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3184" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3184", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3184" } ], "release_date": "2014-08-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-09-29T19:41:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:1318" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Kernel: HID: off by one error in various _report_fixup routines" }, { "cve": "CVE-2014-3185", "discovery_date": "2014-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1141400" } ], "notes": [ { "category": "description", "text": "A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: USB serial: memory corruption flaw", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of the Linux kernel as shipped with\nRed Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. Future kernel\nupdates for Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2 may\naddress this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-3185" }, { "category": "external", "summary": "RHBZ#1141400", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141400" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3185", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3185" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3185", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3185" } ], "release_date": "2014-08-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-09-29T19:41:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:1318" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Kernel: USB serial: memory corruption flaw" }, { "cve": "CVE-2014-4171", "discovery_date": "2014-06-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1111180" } ], "notes": [ { "category": "description", "text": "A race condition flaw was found in the way the Linux kernel\u0027s mmap(2), madvise(2), and fallocate(2) system calls interacted with each other while operating on virtual memory file system files. A local user could use this flaw to cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: mm/shmem: denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.\n\nThis issue affects the version of the kernel package as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2 may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-4171" }, { "category": "external", "summary": "RHBZ#1111180", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1111180" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-4171", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4171" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-4171", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-4171" } ], "release_date": "2014-06-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-09-29T19:41:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:1318" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Kernel: mm/shmem: denial of service" }, { "cve": "CVE-2014-5471", "discovery_date": "2014-08-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1134099" } ], "notes": [ { "category": "description", "text": "It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel\u0027s ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the system or, potentially, escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: isofs: unbound recursion when processing relocated directories", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-5471" }, { "category": "external", "summary": "RHBZ#1134099", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1134099" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-5471", "url": "https://www.cve.org/CVERecord?id=CVE-2014-5471" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-5471", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5471" } ], "release_date": "2014-08-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-09-29T19:41:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:1318" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: isofs: unbound recursion when processing relocated directories" }, { "cve": "CVE-2014-5472", "discovery_date": "2014-08-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1134099" } ], "notes": [ { "category": "description", "text": "It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel\u0027s ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the system or, potentially, escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: isofs: unbound recursion when processing relocated directories", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-5472" }, { "category": "external", "summary": "RHBZ#1134099", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1134099" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-5472", "url": "https://www.cve.org/CVERecord?id=CVE-2014-5472" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-5472", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-5472" } ], "release_date": "2014-08-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-09-29T19:41:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:1318" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: isofs: unbound recursion when processing relocated directories" }, { "cve": "CVE-2014-6410", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2014-09-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1141809" } ], "notes": [ { "category": "description", "text": "A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel\u0027s Universal Disk Format (UDF) file system implementation processed indirect Information Control Blocks (ICBs). An attacker with physical access to the system could use a specially crafted UDF image to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: udf: Avoid infinite loop when processing indirect ICBs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-6410" }, { "category": "external", "summary": "RHBZ#1141809", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1141809" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-6410", "url": "https://www.cve.org/CVERecord?id=CVE-2014-6410" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-6410", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-6410" } ], "release_date": "2014-09-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-09-29T19:41:06+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:1318" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.10.33-rt32.51.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.10.33-rt32.51.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.10.33-rt32.51.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: udf: Avoid infinite loop when processing indirect ICBs" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.