rhsa-2016_2584
Vulnerability from csaf_redhat
Published
2016-11-03 08:08
Modified
2024-09-13 14:37
Summary
Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call. (CVE-2016-3841, Important)
* Several Moderate and Low impact security issues were found in the Linux kernel. Space precludes documenting each of these issues in this advisory. Refer to the CVE links in the References section for a description of each of these vulnerabilities. (CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2016-2053, CVE-2016-2069, CVE-2016-2847, CVE-2016-3156, CVE-2016-4581, CVE-2016-4794, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480, CVE-2015-8746, CVE-2015-8956, CVE-2016-2117, CVE-2016-2384, CVE-2016-3070, CVE-2016-3699, CVE-2016-4569, CVE-2016-4578)
Red Hat would like to thank Philip Pettersson (Samsung) for reporting CVE-2016-2053; Tetsuo Handa for reporting CVE-2016-2847; the Virtuozzo kernel team and Solar Designer (Openwall) for reporting CVE-2016-3156; Justin Yackoski (Cryptonite) for reporting CVE-2016-2117; and Linn Crosetto (HP) for reporting CVE-2016-3699. The CVE-2015-8812 issue was discovered by Venkatesh Pottem (Red Hat Engineering); the CVE-2015-8844 and CVE-2015-8845 issues were discovered by Miroslav Vadkerti (Red Hat Engineering); the CVE-2016-4581 issue was discovered by Eric W. Biederman (Red Hat); the CVE-2016-6198 issue was discovered by CAI Qian (Red Hat); and the CVE-2016-3070 issue was discovered by Jan Stancek (Red Hat).
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* It was found that the Linux kernel\u0027s IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call. (CVE-2016-3841, Important)\n\n* Several Moderate and Low impact security issues were found in the Linux kernel. Space precludes documenting each of these issues in this advisory. Refer to the CVE links in the References section for a description of each of these vulnerabilities. (CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2016-2053, CVE-2016-2069, CVE-2016-2847, CVE-2016-3156, CVE-2016-4581, CVE-2016-4794, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480, CVE-2015-8746, CVE-2015-8956, CVE-2016-2117, CVE-2016-2384, CVE-2016-3070, CVE-2016-3699, CVE-2016-4569, CVE-2016-4578)\n\nRed Hat would like to thank Philip Pettersson (Samsung) for reporting CVE-2016-2053; Tetsuo Handa for reporting CVE-2016-2847; the Virtuozzo kernel team and Solar Designer (Openwall) for reporting CVE-2016-3156; Justin Yackoski (Cryptonite) for reporting CVE-2016-2117; and Linn Crosetto (HP) for reporting CVE-2016-3699. The CVE-2015-8812 issue was discovered by Venkatesh Pottem (Red Hat Engineering); the CVE-2015-8844 and CVE-2015-8845 issues were discovered by Miroslav Vadkerti (Red Hat Engineering); the CVE-2016-4581 issue was discovered by Eric W. Biederman (Red Hat); the CVE-2016-6198 issue was discovered by CAI Qian (Red Hat); and the CVE-2016-3070 issue was discovered by Jan Stancek (Red Hat).\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:2584",
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.3_Release_Notes/index.html",
"url": "https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.3_Release_Notes/index.html"
},
{
"category": "external",
"summary": "1250750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1250750"
},
{
"category": "external",
"summary": "1280465",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1280465"
},
{
"category": "external",
"summary": "1280494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1280494"
},
{
"category": "external",
"summary": "1286261",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1286261"
},
{
"category": "external",
"summary": "1290475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290475"
},
{
"category": "external",
"summary": "1292902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1292902"
},
{
"category": "external",
"summary": "1295802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295802"
},
{
"category": "external",
"summary": "1297813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297813"
},
{
"category": "external",
"summary": "1300237",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1300237"
},
{
"category": "external",
"summary": "1301893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301893"
},
{
"category": "external",
"summary": "1303532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303532"
},
{
"category": "external",
"summary": "1303733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303733"
},
{
"category": "external",
"summary": "1304491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1304491"
},
{
"category": "external",
"summary": "1308444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308444"
},
{
"category": "external",
"summary": "1308846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308846"
},
{
"category": "external",
"summary": "1312298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312298"
},
{
"category": "external",
"summary": "1313428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313428"
},
{
"category": "external",
"summary": "1318172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318172"
},
{
"category": "external",
"summary": "1320167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1320167"
},
{
"category": "external",
"summary": "1325404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1325404"
},
{
"category": "external",
"summary": "1326472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326472"
},
{
"category": "external",
"summary": "1326540",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326540"
},
{
"category": "external",
"summary": "1328607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1328607"
},
{
"category": "external",
"summary": "1329653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1329653"
},
{
"category": "external",
"summary": "1331562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1331562"
},
{
"category": "external",
"summary": "1332295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332295"
},
{
"category": "external",
"summary": "1332593",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1332593"
},
{
"category": "external",
"summary": "1333712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1333712"
},
{
"category": "external",
"summary": "1334643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1334643"
},
{
"category": "external",
"summary": "1335215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335215"
},
{
"category": "external",
"summary": "1335889",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335889"
},
{
"category": "external",
"summary": "1337643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1337643"
},
{
"category": "external",
"summary": "1340922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340922"
},
{
"category": "external",
"summary": "1343656",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343656"
},
{
"category": "external",
"summary": "1344077",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1344077"
},
{
"category": "external",
"summary": "1350509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1350509"
},
{
"category": "external",
"summary": "1353533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353533"
},
{
"category": "external",
"summary": "1354525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1354525"
},
{
"category": "external",
"summary": "1355654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1355654"
},
{
"category": "external",
"summary": "1362466",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362466"
},
{
"category": "external",
"summary": "1364971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1364971"
},
{
"category": "external",
"summary": "1366057",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1366057"
},
{
"category": "external",
"summary": "1383395",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383395"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2016/rhsa-2016_2584.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-09-13T14:37:32+00:00",
"generator": {
"date": "2024-09-13T14:37:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2016:2584",
"initial_release_date": "2016-11-03T08:08:49+00:00",
"revision_history": [
{
"date": "2016-11-03T08:08:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-11-03T08:08:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T14:37:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_rt:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for Real Time (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_rt:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm-debuginfo@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm-debuginfo@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-kvm@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-kvm-debuginfo@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"product": {
"name": "kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"product_id": "kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@3.10.0-514.rt56.420.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"product": {
"name": "kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"product_id": "kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.10.0-514.rt56.420.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"product": {
"name": "kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"product_id": "kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-514.rt56.420.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-514.rt56.420.el7.src as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src"
},
"product_reference": "kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch"
},
"product_reference": "kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-NFV"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-514.rt56.420.el7.src as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src"
},
"product_reference": "kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch"
},
"product_reference": "kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"relates_to_product_reference": "7Server-RT"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-4312",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-01-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1297813"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Linux kernel did not properly account file descriptors passed over the unix socket against the process limit. A local user could use this flaw to exhaust all available memory on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: File descriptors passed over unix sockets are not properly accounted",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7, and MRG-2. Future Linux kernel updates for the respective releases might address this issue.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4312"
},
{
"category": "external",
"summary": "RHBZ#1297813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297813"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4312",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4312"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4312",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4312"
}
],
"release_date": "2016-01-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: File descriptors passed over unix sockets are not properly accounted"
},
{
"cve": "CVE-2015-8374",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2015-11-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1286261"
}
],
"notes": [
{
"category": "description",
"text": "An information-leak vulnerability was found in the kernel when it truncated a file to a smaller size which consisted of an inline extent that was compressed. The data between the new file size and the old file size was not discarded and the number of bytes used by the inode were not correctly decremented, which gave the wrong report for callers of the stat(2) syscall. This wasted metadata space and allowed for the truncated data to be leaked, and data corruption or loss to occur. A caller of the clone ioctl could exploit this flaw by using only standard file-system operations without root access to read the truncated data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Information leak when truncating of compressed/inlined extents on BTRFS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6 and is not currently planned to be addressed in future updates.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8374"
},
{
"category": "external",
"summary": "RHBZ#1286261",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1286261"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8374",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8374"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8374",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8374"
}
],
"release_date": "2015-10-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Information leak when truncating of compressed/inlined extents on BTRFS"
},
{
"cve": "CVE-2015-8543",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2015-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1290475"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the way the Linux kernel\u0027s network subsystem handled socket creation with an invalid protocol identifier. A local user could use this flaw to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: IPv6 connect causes DoS via NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future updates for the respective releases may address the issue.\n\nThis has been rated as having Moderate security impact and is not currently planned to be addressed in future updates of Red Hat Enterprise Linux 5. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8543"
},
{
"category": "external",
"summary": "RHBZ#1290475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1290475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8543",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8543"
}
],
"release_date": "2015-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: IPv6 connect causes DoS via NULL pointer dereference"
},
{
"cve": "CVE-2015-8746",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2015-08-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1295802"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the Linux kernel: the NFSv4.2 migration code improperly initialized the kernel structure. A local, authenticated user could use this flaw to cause a panic of the NFS client (denial of service).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: when NFSv4 migration is executed, kernel oops occurs at NFS client",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 as the code with the flaw is not present in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future updates for the respective releases may address the issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8746"
},
{
"category": "external",
"summary": "RHBZ#1295802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8746",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8746"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8746",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8746"
}
],
"release_date": "2015-08-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 3.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: when NFSv4 migration is executed, kernel oops occurs at NFS client"
},
{
"acknowledgments": [
{
"names": [
"Venkatesh Pottem"
],
"organization": "Red Hat Engineering",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2015-8812",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2015-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1303532"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the CXGB3 kernel driver when the network was considered to be congested. The kernel incorrectly misinterpreted the congestion as an error condition and incorrectly freed or cleaned up the socket buffer (skb). When the device then sent the skb\u0027s queued data, these structures were referenced. A local attacker could use this flaw to panic the system (denial of service) or, with a local account, escalate their privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: CXGB3: Logic bug in return code handling prematurely frees key structures causing Use after free or kernel panic.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernels as shipped with Red Hat Enterprise Linux 5, 6 and 7 and Red Hat Enterprise MRG 2 and realtime kernels and may be addressed in a future update.\n\nThis has been rated as having Moderate security impact and is not currently\nplanned to be addressed in future updates in Red Hat Enterprise Linux 5 and 6 . For additional information, refer to the Red Hat Enterprise Linux Life Cycle:\nhttps://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8812"
},
{
"category": "external",
"summary": "RHBZ#1303532",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1303532"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8812",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8812"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8812",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8812"
}
],
"release_date": "2016-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: CXGB3: Logic bug in return code handling prematurely frees key structures causing Use after free or kernel panic."
},
{
"acknowledgments": [
{
"names": [
"Miroslav Vadkerti"
],
"organization": "Red Hat Engineering",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2015-8844",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2015-10-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1326540"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel which could cause a kernel panic when restoring machine specific registers on the PowerPC platform. Incorrect transactional memory state registers could inadvertently change the call path on return from userspace and cause the kernel to enter an unknown state and crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: incorrect restoration of machine specific registers from userspace",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 5 and 6,\n\nThis issue affects the Linux kernels as shipped with Red Hat Enterprise Linux 7 and MRG-2 realtime kernels.\n\nFor additional information, refer\nto the Red Hat Enterprise Linux Life Cycle:\nhttps://access.redhat.com/support/policy/updates/errata/ .",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8844"
},
{
"category": "external",
"summary": "RHBZ#1326540",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326540"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8844",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8844"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8844",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8844"
}
],
"release_date": "2016-04-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.4,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: incorrect restoration of machine specific registers from userspace"
},
{
"acknowledgments": [
{
"names": [
"Miroslav Vadkerti"
],
"organization": "Red Hat Engineering",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2015-8845",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2015-10-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1326540"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel which could cause a kernel panic when restoring machine specific registers on the PowerPC platform. Incorrect transactional memory state registers could inadvertently change the call path on return from userspace and cause the kernel to enter an unknown state and crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: incorrect restoration of machine specific registers from userspace",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 5 and 6,\n\nThis issue affects the Linux kernels as shipped with Red Hat Enterprise Linux 7 and MRG-2 realtime kernels.\n\nFor additional information, refer\nto the Red Hat Enterprise Linux Life Cycle:\nhttps://access.redhat.com/support/policy/updates/errata/ .",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8845"
},
{
"category": "external",
"summary": "RHBZ#1326540",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326540"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8845",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8845"
}
],
"release_date": "2016-04-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.4,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: incorrect restoration of machine specific registers from userspace"
},
{
"cve": "CVE-2015-8956",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2016-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1383395"
}
],
"notes": [
{
"category": "description",
"text": "The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NULL dereference in RFCOMM bind callback",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-8956"
},
{
"category": "external",
"summary": "RHBZ#1383395",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383395"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-8956",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8956"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-8956",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8956"
}
],
"release_date": "2015-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: NULL dereference in RFCOMM bind callback"
},
{
"acknowledgments": [
{
"names": [
"Philip Pettersson"
],
"organization": "Samsung"
}
],
"cve": "CVE-2016-2053",
"cwe": {
"id": "CWE-228",
"name": "Improper Handling of Syntactically Invalid Structure"
},
"discovery_date": "2016-01-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1300237"
}
],
"notes": [
{
"category": "description",
"text": "A syntax vulnerability was discovered in the kernel\u0027s ASN1.1 DER decoder, which could lead to memory corruption or a complete local denial of service through x509 certificate DER files. A local system user could use a specially created key file to trigger BUG_ON() in the public_key_verify_signature() function (crypto/asymmetric_keys/public_key.c), to cause a kernel panic and crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 4, 5 and 6.\n\nThis issue affects the Linux kernels as shipped with Red Hat Enterprise Linux 7, MRG and realtime kernels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2053"
},
{
"category": "external",
"summary": "RHBZ#1300237",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1300237"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2053",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2053"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2053",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2053"
}
],
"release_date": "2016-01-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature()"
},
{
"cve": "CVE-2016-2069",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"discovery_date": "2016-01-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1301893"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in the way the Linux kernel dealt with paging structures. When the kernel invalidated a paging structure that was not in use locally, it could, in principle, race against another CPU that is switching to a process that uses the paging structure in question. A local user could use a thread running with a stale cached virtual-\u003ephysical translation to potentially escalate their privileges if the translation in question were writable and the physical page got reused for something critical (for example, a page table).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: race condition in the TLB flush logic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2069"
},
{
"category": "external",
"summary": "RHBZ#1301893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2069",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2069"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2069",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2069"
},
{
"category": "external",
"summary": "http://seclists.org/oss-sec/2016/q1/194",
"url": "http://seclists.org/oss-sec/2016/q1/194"
}
],
"release_date": "2016-01-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: race condition in the TLB flush logic"
},
{
"acknowledgments": [
{
"names": [
"Justin Yackoski"
],
"organization": "Cryptonite"
}
],
"cve": "CVE-2016-2117",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2016-02-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1312298"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the atl2_probe() function in the Atheros L2 Ethernet driver in the Linux kernel incorrectly enabled scatter/gather I/O. A remote attacker could use this flaw to obtain potentially sensitive information from the kernel memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Kernel memory leakage to ethernet frames due to buffer overflow in ethernet drivers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in the products listed.\n\nThis issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 6 as the suspected driver does not advertise that it has scatter-gather feature, which presence is essential for the flaw.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2, namely the [atl2] Ethernet driver which is the only driver affected. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2117"
},
{
"category": "external",
"summary": "RHBZ#1312298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2117",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2117"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2117",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2117"
}
],
"release_date": "2016-03-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Kernel memory leakage to ethernet frames due to buffer overflow in ethernet drivers"
},
{
"cve": "CVE-2016-2384",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2016-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1308444"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the USB-MIDI Linux kernel driver: a double-free error could be triggered for the \u0027umidi\u0027 object. An attacker with physical access to the system could use this flaw to escalate their privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: double-free in usb-audio triggered by invalid USB descriptor",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, as the code with the flaw is not present in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future updates for the respective releases may address the issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2384"
},
{
"category": "external",
"summary": "RHBZ#1308444",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308444"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2384",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2384"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2384",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2384"
},
{
"category": "external",
"summary": "http://seclists.org/oss-sec/2016/q1/331",
"url": "http://seclists.org/oss-sec/2016/q1/331"
},
{
"category": "external",
"summary": "https://lkml.org/lkml/2016/2/13/11",
"url": "https://lkml.org/lkml/2016/2/13/11"
}
],
"release_date": "2016-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: double-free in usb-audio triggered by invalid USB descriptor"
},
{
"acknowledgments": [
{
"names": [
"Tetsuo Handa"
]
}
],
"cve": "CVE-2016-2847",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2014-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1313428"
}
],
"notes": [
{
"category": "description",
"text": "It is possible for a single process to cause an OOM condition by filling large pipes with data that are never read. A typical process filling 4096 pipes with 1 MB of data will use 4 GB of memory and there can be multiple such processes, up to a per-user-limit.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: pipe: limit the per-user amount of pages allocated in pipes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2847"
},
{
"category": "external",
"summary": "RHBZ#1313428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1313428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2847",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2847"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2847",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2847"
}
],
"release_date": "2015-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: pipe: limit the per-user amount of pages allocated in pipes"
},
{
"acknowledgments": [
{
"names": [
"Jan Stancek"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-3070",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2016-02-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1308846"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw was found in the Linux kernel that an attempt to move page mapped by AIO ring buffer to the other node triggers NULL pointer dereference at trace_writeback_dirty_page(), because aio_fs_backing_dev_info.dev is 0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Null pointer dereference in trace_writeback_dirty_page()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 as the code with the flaw is not present in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future updates for the respective releases may address the issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3070"
},
{
"category": "external",
"summary": "RHBZ#1308846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3070",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3070"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3070",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3070"
}
],
"release_date": "2016-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Null pointer dereference in trace_writeback_dirty_page()"
},
{
"acknowledgments": [
{
"names": [
"Solar Designer"
],
"organization": "Openwall"
},
{
"names": [
"the Virtuozzo kernel team"
]
}
],
"cve": "CVE-2016-3156",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2016-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1318172"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw was found in the Linux kernel\u0027s networking subsystem that destroying the network interface with huge number of ipv4 addresses assigned keeps \"rtnl_lock\" spinlock for a very long time (up to hour). This blocks many network-related operations, including creation of new incoming ssh connections.\r\n\r\nThe problem is especially important for containers, as the container owner has enough permissions to trigger this and block a network access on a whole host, outside the container.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ipv4: denial of service when destroying a network interface",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates, as the Linux containers which the flaw affects are not supported in these products. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3156"
},
{
"category": "external",
"summary": "RHBZ#1318172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318172"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3156",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3156"
}
],
"release_date": "2016-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ipv4: denial of service when destroying a network interface"
},
{
"acknowledgments": [
{
"names": [
"Linn Crosetto"
],
"organization": "HP"
}
],
"cve": "CVE-2016-3699",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2016-03-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1329653"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ACPI table override allowed when securelevel is enabled",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6 as the code with the flaw is not present in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3699"
},
{
"category": "external",
"summary": "RHBZ#1329653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1329653"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3699",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3699"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3699",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3699"
}
],
"release_date": "2016-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: ACPI table override allowed when securelevel is enabled"
},
{
"cve": "CVE-2016-3841",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"discovery_date": "2016-08-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1364971"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Linux kernel\u0027s IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free via crafted IPV6 sendmsg for raw / tcp / udp / l2tp sockets.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects Red Hat Enterprise Linux 6 and 7 kernels. This issue was fixed in a version 6 prior to this issue being raised.\n\nAs this issue is rated as important, it has been scheduled to be fixed in a future version of Red Hat Enterprise Linux 7.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-3841"
},
{
"category": "external",
"summary": "RHBZ#1364971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1364971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-3841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3841"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-3841",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3841"
}
],
"release_date": "2016-08-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: use-after-free via crafted IPV6 sendmsg for raw / tcp / udp / l2tp sockets."
},
{
"cve": "CVE-2016-4569",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2016-05-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1334643"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Linux kernel. There is an information leak in file \"sound/core/timer.c\" of the latest mainline Linux kernel, the stack object \u201ctread\u201d has a total size of 32 bytes. It contains a 8-bytes padding, which is not initialized but sent to user via copy_to_user(), resulting a kernel leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Information leak in Linux sound module in timer.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4569"
},
{
"category": "external",
"summary": "RHBZ#1334643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1334643"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4569",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4569"
},
{
"category": "external",
"summary": "http://comments.gmane.org/gmane.linux.kernel/2214250",
"url": "http://comments.gmane.org/gmane.linux.kernel/2214250"
}
],
"release_date": "2016-05-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Information leak in Linux sound module in timer.c"
},
{
"cve": "CVE-2016-4578",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"discovery_date": "2016-05-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1335215"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Linux kernel. There is an information leak in file sound/core/timer.c of the latest mainline Linux kernel. The stack object \u201cr1\u201d has a total size of 32 bytes. Its field \u201cevent\u201d and \u201cval\u201d both contain 4 bytes padding. These 8 bytes padding bytes are sent to user without being initialized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Information leak in events in timer.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4578"
},
{
"category": "external",
"summary": "RHBZ#1335215",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335215"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4578",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4578"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4578",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4578"
}
],
"release_date": "2016-05-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Information leak in events in timer.c"
},
{
"acknowledgments": [
{
"names": [
"Eric W. Biederman"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-4581",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2016-05-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1333712"
}
],
"notes": [
{
"category": "description",
"text": "fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Slave being first propagated copy causes oops in propagate_mnt",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, as there is no user namespace support in the products listed.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4581"
},
{
"category": "external",
"summary": "RHBZ#1333712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1333712"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4581",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4581"
}
],
"release_date": "2016-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Slave being first propagated copy causes oops in propagate_mnt"
},
{
"cve": "CVE-2016-4794",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2016-05-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1335889"
}
],
"notes": [
{
"category": "description",
"text": "Use after free vulnerability was found in percpu using previously allocated memory in bpf. First __alloc_percpu_gfp() is called, then the memory is freed with free_percpu() which triggers async pcpu_balance_work and then pcpu_extend_area_map could use a chunk after it has been freed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use after free in array_map_alloc",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 4, 5 and 6.\n\nThis issue affects the Linux kernels as shipped with Red Hat Enterprise Linux 7 and MRG-2 and may be addressed in a future update.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4794"
},
{
"category": "external",
"summary": "RHBZ#1335889",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1335889"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4794",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4794"
}
],
"release_date": "2016-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Use after free in array_map_alloc"
},
{
"cve": "CVE-2016-5829",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2016-06-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1350509"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based buffer overflow vulnerability was found in the Linux kernel\u0027s hiddev driver. This flaw could allow a local attacker to corrupt kernel memory, possible privilege escalation or crashing the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Heap buffer overflow in hiddev driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2 and may be addressed in future updates. \n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5829"
},
{
"category": "external",
"summary": "RHBZ#1350509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1350509"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5829",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5829"
}
],
"release_date": "2016-06-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Heap buffer overflow in hiddev driver"
},
{
"cve": "CVE-2016-6136",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2016-07-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1353533"
}
],
"notes": [
{
"category": "description",
"text": "When creating audit records for parameters to executed children processes, an attacker can convince the Linux kernel audit subsystem can create corrupt records which may allow an attacker to misrepresent or evade logging of executing commands.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Race condition vulnerability in execve argv arguments",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 and 7. This has been rated as having Moderate security impact and is planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6136"
},
{
"category": "external",
"summary": "RHBZ#1353533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6136",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6136"
}
],
"release_date": "2016-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Race condition vulnerability in execve argv arguments"
},
{
"acknowledgments": [
{
"names": [
"CAI Qian"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2016-6198",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2016-07-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1355654"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found that the vfs_rename() function did not detect hard links on overlayfs. A local, unprivileged user could use the rename syscall on overlayfs on top of xfs to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vfs: missing detection of hardlinks in vfs_rename() on overlayfs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is not present in the Linux kernel packages as shipped with Red Hat Enterprise Linux versions 5 and 6.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6198"
},
{
"category": "external",
"summary": "RHBZ#1355654",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1355654"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6198",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6198"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6198",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6198"
}
],
"release_date": "2016-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: vfs: missing detection of hardlinks in vfs_rename() on overlayfs"
},
{
"cve": "CVE-2016-6327",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2016-06-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1354525"
}
],
"notes": [
{
"category": "description",
"text": "System using the infiniband support module ib_srpt were vulnerable to a denial of service by system crash by a local attacker who is able to abort writes to a device using this initiator.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: infiniband: Kernel crash by sending ABORT_TASK command",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects Red Hat Enterprise Linux 7 and MRG-2 kernels and will be addressed in a future update. This issue does not affect Red Hat Enterprise Linux 5 and 6 systems.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6327"
},
{
"category": "external",
"summary": "RHBZ#1354525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1354525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6327",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6327"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6327",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6327"
}
],
"release_date": "2016-08-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: infiniband: Kernel crash by sending ABORT_TASK command"
},
{
"cve": "CVE-2016-6480",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2016-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1362466"
}
],
"notes": [
{
"category": "description",
"text": "A race condition flaw was found in the ioctl_send_fib() function in the Linux kernel\u0027s aacraid implementation. A local attacker could use this flaw to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: scsi: aacraid: double fetch in ioctl_send_fib()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-6480"
},
{
"category": "external",
"summary": "RHBZ#1362466",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1362466"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-6480",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6480"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6480",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6480"
}
],
"release_date": "2016-08-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.7,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: scsi: aacraid: double fetch in ioctl_send_fib()"
},
{
"cve": "CVE-2017-13167",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2017-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1568821"
}
],
"notes": [
{
"category": "description",
"text": "A race condition was found in the Linux kernel\u0027s sound timer code in the snd_timer_user_read() function in the sound/core/timer.c file. An unprivileged attacker can exploit the race condition to cause an out-of-bound access which may lead to a system crash or other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sound: a race condition in the kernel sound timer in snd_timer_user_read()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-13167"
},
{
"category": "external",
"summary": "RHBZ#1568821",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568821"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-13167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-13167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13167"
}
],
"release_date": "2016-02-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:2584"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-NFV:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-NFV:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-NFV:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.src",
"7Server-RT:kernel-rt-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-doc-0:3.10.0-514.rt56.420.el7.noarch",
"7Server-RT:kernel-rt-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-devel-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-0:3.10.0-514.rt56.420.el7.x86_64",
"7Server-RT:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.rt56.420.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sound: a race condition in the kernel sound timer in snd_timer_user_read()"
}
]
}
Loading...