csaf_redhat - rhsa-2017

rhsa-2017_0931

Vulnerability from csaf_redhat

Published

2017-04-12 10:51

Modified

2024-09-13 14:39

Summary

Red Hat Security Advisory: kernel-rt security and bug fix update

Notes

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important) * A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650, Moderate) * A flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption. (CVE-2016-9793, Moderate) * A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618, Moderate) Red Hat would like to thank Alexander Popov for reporting CVE-2017-2636 and Ralf Spenneberg for reporting CVE-2016-8650. The CVE-2017-2618 issue was discovered by Paul Moore (Red Hat Engineering). Bug Fix(es): * Previously, a cgroups data structure was sometimes corrupted due to a race condition in the kernel-rt cgroups code. Consequently, several system tasks were blocked, and the operating system became unresponsive. This update adds a lock that prevents the race condition. As a result, the cgroups data structure no longer gets corrupted and the operating system no longer hangs under the described circumstances. (BZ#1420784) * The kernel-rt packages have been upgraded to the 3.10.0-514.16.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1430749)

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)\n\n* A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650, Moderate)\n\n* A flaw was found in the Linux kernel\u0027s implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption. (CVE-2016-9793, Moderate)\n\n* A flaw was found in the Linux kernel\u0027s handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618, Moderate)\n\nRed Hat would like to thank Alexander Popov for reporting CVE-2017-2636 and Ralf Spenneberg for reporting CVE-2016-8650. The CVE-2017-2618 issue was discovered by Paul Moore (Red Hat Engineering).\n\nBug Fix(es):\n\n* Previously, a cgroups data structure was sometimes corrupted due to a race condition in the kernel-rt cgroups code. Consequently, several system tasks were blocked, and the operating system became unresponsive. This update adds a lock that prevents the race condition. As a result, the cgroups data structure no longer gets corrupted and the operating system no longer hangs under the described circumstances. (BZ#1420784)\n\n* The kernel-rt packages have been upgraded to the 3.10.0-514.16.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1430749)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:0931",
        "url": "https://access.redhat.com/errata/RHSA-2017:0931"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1395187",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395187"
      },
      {
        "category": "external",
        "summary": "1402013",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402013"
      },
      {
        "category": "external",
        "summary": "1419916",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1419916"
      },
      {
        "category": "external",
        "summary": "1428319",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428319"
      },
      {
        "category": "external",
        "summary": "1430749",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1430749"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_0931.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
    "tracking": {
      "current_release_date": "2024-09-13T14:39:36+00:00",
      "generator": {
        "date": "2024-09-13T14:39:36+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "3.33.3"
        }
      },
      "id": "RHSA-2017:0931",
      "initial_release_date": "2017-04-12T10:51:25+00:00",
      "revision_history": [
        {
          "date": "2017-04-12T10:51:25+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-04-12T10:51:25+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-09-13T14:39:36+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
                  "product_id": "7Server-NFV-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras_rt:7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Realtime (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Realtime (v. 7)",
                  "product_id": "7Server-RT-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_extras_rt:7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm-debuginfo@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-kvm@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm-debuginfo@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-kvm-debuginfo@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                "product": {
                  "name": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_id": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-514.16.1.rt56.437.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
                "product": {
                  "name": "kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
                  "product_id": "kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-514.16.1.rt56.437.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
                "product": {
                  "name": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
                  "product_id": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-514.16.1.rt56.437.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src"
        },
        "product_reference": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch"
        },
        "product_reference": "kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
          "product_id": "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-NFV-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src"
        },
        "product_reference": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch"
        },
        "product_reference": "kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64 as a component of Red Hat Enterprise Linux Realtime (v. 7)",
          "product_id": "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        },
        "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
        "relates_to_product_reference": "7Server-RT-7.3.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-8650",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "discovery_date": "2016-11-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1395187"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Null pointer dereference via keyctl",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7, MRG-2 and realtime kernels.\n\nThis issue does not affect kernels that ship with Red Hat Enterprise Linux 5.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
          "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
          "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
          "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
          "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8650"
        },
        {
          "category": "external",
          "summary": "RHBZ#1395187",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395187"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8650",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8650"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8650",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8650"
        }
      ],
      "release_date": "2016-11-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:0931"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: Null pointer dereference via keyctl"
    },
    {
      "cve": "CVE-2016-9793",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2016-12-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1402013"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u0027s implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Signed overflow for SO_{SND|RCV}BUFFORCE",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the kernels as shipping with Red Hat Enterprise Linux 5 and 6.  This issue does affect kernels 7, MRG-2 and realtime kernels and plans to be fixed in a future update.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
          "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
          "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
          "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
          "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-9793"
        },
        {
          "category": "external",
          "summary": "RHBZ#1402013",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402013"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-9793",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-9793"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-9793",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9793"
        }
      ],
      "release_date": "2016-12-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:0931"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: Signed overflow for SO_{SND|RCV}BUFFORCE"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Paul Moore"
          ],
          "organization": "Red Hat Engineering",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2017-2618",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "discovery_date": "2017-02-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1419916"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u0027s handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 due to a missing commit ( bb646cdb12e75d82258c2f2e7746d5952d3e321a ) which enabled changed system behavior.\n\nThis issue does affect Red Hat Enteprise Linux 7 and MRG-2 kernels. A future Linux kernel updates for the respective releases may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
          "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
          "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
          "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
          "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-2618"
        },
        {
          "category": "external",
          "summary": "RHBZ#1419916",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1419916"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-2618",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-2618"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2618",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2618"
        }
      ],
      "release_date": "2017-02-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:0931"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Alexander Popov"
          ]
        }
      ],
      "cve": "CVE-2017-2636",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "discovery_date": "2017-03-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1428319"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5.\n\nThis issue does affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2. As this issue is rated as Important, it has been scheduled to be fixed in future updates for the respective releases.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
          "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
          "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
          "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
          "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
          "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "RHBZ#1428319",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428319"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-2636",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-2636",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html",
          "url": "https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/security/vulnerabilities/CVE-2017-2636",
          "url": "https://access.redhat.com/security/vulnerabilities/CVE-2017-2636"
        }
      ],
      "release_date": "2017-03-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:0931"
        },
        {
          "category": "workaround",
          "details": "The  n_hdlc kernel module will be automatically loaded when an application  attempts to use the HDLC line discipline from userspace.  This module  can be prevented from being loaded by using the system-wide modprobe  rules. The following command, run as root, will prevent accidental or  intentional loading of the module.  Red Hat Product Security believe  this method is a robust method to prevent accidental loading of the  module, even by privileged users.\n\n\u200b# echo \"install n_hdlc /bin/true\" \u003e\u003e /etc/modprobe.d/disable-n_hdlc.conf\n\nThe  system will need to be restarted if the n_hdlc modules are already  loaded.  In most circumstances, the n_hdlc kernel modules will be unable to be unloaded if in use and while any current process using this line  discipline is required.\n\nExploiting this flaw does not require Microgate or SyncLink hardware to be in use.\n\nIf further assistance is needed, see this KCS article ( https://access.redhat.com/solutions/41278 ) or contact Red Hat Global Support Services.",
          "product_ids": [
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-NFV-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-NFV-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.src",
            "7Server-RT-7.3.Z:kernel-rt-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-doc-0:3.10.0-514.16.1.rt56.437.el7.noarch",
            "7Server-RT-7.3.Z:kernel-rt-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-devel-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-0:3.10.0-514.16.1.rt56.437.el7.x86_64",
            "7Server-RT-7.3.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-514.16.1.rt56.437.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()"
    }
  ]
}

cve-2017-2636

Vulnerability from cvelistv5

Published

2017-03-07 22:00

Modified

2024-08-05 14:02

Severity

Summary

Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.

References

URL	Tags
https://access.redhat.com/errata/RHSA-2017:0892	vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/96732	vdb-entry, x_refsource_BID
http://www.securitytracker.com/id/1037963	vdb-entry, x_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2017:0932	vendor-advisory, x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2017/03/07/6	mailing-list, x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=1428319	x_refsource_CONFIRM
https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html	x_refsource_MISC
https://access.redhat.com/errata/RHSA-2017:1125	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0933	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:1232	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0931	vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2017/dsa-3804	vendor-advisory, x_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2017:1233	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:1488	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0986	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:1126	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:06.961Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2017:0892",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0892"
          },
          {
            "name": "96732",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96732"
          },
          {
            "name": "1037963",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037963"
          },
          {
            "name": "RHSA-2017:0932",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0932"
          },
          {
            "name": "[oss-security] 20170307 Linux kernel: CVE-2017-2636: local privilege escalation flaw in n_hdlc",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/03/07/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428319"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html"
          },
          {
            "name": "RHSA-2017:1125",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1125"
          },
          {
            "name": "RHSA-2017:0933",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0933"
          },
          {
            "name": "RHSA-2017:1232",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1232"
          },
          {
            "name": "RHSA-2017:0931",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0931"
          },
          {
            "name": "DSA-3804",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3804"
          },
          {
            "name": "RHSA-2017:1233",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1233"
          },
          {
            "name": "RHSA-2017:1488",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1488"
          },
          {
            "name": "RHSA-2017:0986",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0986"
          },
          {
            "name": "RHSA-2017:1126",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1126"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-02-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2017:0892",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0892"
        },
        {
          "name": "96732",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96732"
        },
        {
          "name": "1037963",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037963"
        },
        {
          "name": "RHSA-2017:0932",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0932"
        },
        {
          "name": "[oss-security] 20170307 Linux kernel: CVE-2017-2636: local privilege escalation flaw in n_hdlc",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/03/07/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428319"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html"
        },
        {
          "name": "RHSA-2017:1125",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1125"
        },
        {
          "name": "RHSA-2017:0933",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0933"
        },
        {
          "name": "RHSA-2017:1232",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1232"
        },
        {
          "name": "RHSA-2017:0931",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0931"
        },
        {
          "name": "DSA-3804",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3804"
        },
        {
          "name": "RHSA-2017:1233",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1233"
        },
        {
          "name": "RHSA-2017:1488",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1488"
        },
        {
          "name": "RHSA-2017:0986",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0986"
        },
        {
          "name": "RHSA-2017:1126",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1126"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2017-2636",
    "datePublished": "2017-03-07T22:00:00",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-08-05T14:02:06.961Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-2618

Vulnerability from cvelistv5

Published

2018-07-27 19:00

Modified

2024-08-05 14:02

Severity

5.5 (Medium) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.

References

URL	Tags
https://marc.info/?l=selinux&m=148588165923772&w=2	mailing-list, x_refsource_MLIST
https://www.debian.org/security/2017/dsa-3791	vendor-advisory, x_refsource_DEBIAN
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2618	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:0932	vendor-advisory, x_refsource_REDHAT
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0c461cb727d146c9ef2d3e86214f498b78b7d125	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:0933	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0931	vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/96272	vdb-entry, x_refsource_BID

Impacted products

Vendor	Product
Linux	kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.208Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[selinux] 20170131 [PATCH] selinux: fix off-by-one in setprocattr",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://marc.info/?l=selinux\u0026m=148588165923772\u0026w=2"
          },
          {
            "name": "DSA-3791",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-3791"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2618"
          },
          {
            "name": "RHSA-2017:0932",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0932"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0c461cb727d146c9ef2d3e86214f498b78b7d125"
          },
          {
            "name": "RHSA-2017:0933",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0933"
          },
          {
            "name": "RHSA-2017:0931",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0931"
          },
          {
            "name": "96272",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96272"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "kernel",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.9.10"
            }
          ]
        }
      ],
      "datePublic": "2017-01-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Linux kernel\u0027s handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-193",
              "description": "CWE-193",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-28T09:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "[selinux] 20170131 [PATCH] selinux: fix off-by-one in setprocattr",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://marc.info/?l=selinux\u0026m=148588165923772\u0026w=2"
        },
        {
          "name": "DSA-3791",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-3791"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2618"
        },
        {
          "name": "RHSA-2017:0932",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0932"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0c461cb727d146c9ef2d3e86214f498b78b7d125"
        },
        {
          "name": "RHSA-2017:0933",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0933"
        },
        {
          "name": "RHSA-2017:0931",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0931"
        },
        {
          "name": "96272",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96272"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2017-2618",
    "datePublished": "2018-07-27T19:00:00",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-08-05T14:02:07.208Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-9793

Vulnerability from cvelistv5

Published

2016-12-28 07:42

Modified

2024-08-06 02:59

Severity

Summary

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.

References

URL	Tags
https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290	x_refsource_CONFIRM
http://www.securitytracker.com/id/1037968	vdb-entry, x_refsource_SECTRACK
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:0932	vendor-advisory, x_refsource_REDHAT
https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793	x_refsource_MISC
http://www.securityfocus.com/bid/94655	vdb-entry, x_refsource_BID
http://www.openwall.com/lists/oss-security/2016/12/03/1	mailing-list, x_refsource_MLIST
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:0933	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0931	vendor-advisory, x_refsource_REDHAT
https://source.android.com/security/bulletin/2017-03-01.html	x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1402013	x_refsource_CONFIRM

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:59:03.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
          },
          {
            "name": "1037968",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037968"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
          },
          {
            "name": "RHSA-2017:0932",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0932"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793"
          },
          {
            "name": "94655",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94655"
          },
          {
            "name": "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/12/03/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14"
          },
          {
            "name": "RHSA-2017:0933",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0933"
          },
          {
            "name": "RHSA-2017:0931",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0931"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-03-01.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402013"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-12-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
        },
        {
          "name": "1037968",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037968"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
        },
        {
          "name": "RHSA-2017:0932",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0932"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793"
        },
        {
          "name": "94655",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94655"
        },
        {
          "name": "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/12/03/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14"
        },
        {
          "name": "RHSA-2017:0933",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0933"
        },
        {
          "name": "RHSA-2017:0931",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0931"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-03-01.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402013"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-9793",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
            },
            {
              "name": "1037968",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037968"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
            },
            {
              "name": "RHSA-2017:0932",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:0932"
            },
            {
              "name": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793",
              "refsource": "MISC",
              "url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793"
            },
            {
              "name": "94655",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/94655"
            },
            {
              "name": "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/12/03/1"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14"
            },
            {
              "name": "RHSA-2017:0933",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:0933"
            },
            {
              "name": "RHSA-2017:0931",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:0931"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-03-01.html",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-03-01.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1402013",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402013"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-9793",
    "datePublished": "2016-12-28T07:42:00",
    "dateReserved": "2016-12-02T00:00:00",
    "dateUpdated": "2024-08-06T02:59:03.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2016-8650

Vulnerability from cvelistv5

Published

2016-11-28 03:01

Modified

2024-08-06 02:27

Severity

Summary

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

References

URL	Tags
https://github.com/torvalds/linux/commit/f5527fffff3f002b0a6b376163613b82f69de073	x_refsource_CONFIRM
http://www.securitytracker.com/id/1037968	vdb-entry, x_refsource_SECTRACK
http://seclists.org/fulldisclosure/2016/Nov/76	mailing-list, x_refsource_FULLDISC
http://www.openwall.com/lists/oss-security/2016/11/24/8	mailing-list, x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=1395187	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0932	vendor-advisory, x_refsource_REDHAT
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:0933	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0931	vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/94532	vdb-entry, x_refsource_BID
https://source.android.com/security/bulletin/2017-03-01.html	x_refsource_CONFIRM

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:27:41.272Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/f5527fffff3f002b0a6b376163613b82f69de073"
          },
          {
            "name": "1037968",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037968"
          },
          {
            "name": "20161115 OS-S 2016-21 - Local DoS: Linux Kernel Nullpointer Dereference via keyctl",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2016/Nov/76"
          },
          {
            "name": "[oss-security] 20161125 Linux kernel: CVE-2016-8650 : Local denial of service with in key subsystem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/11/24/8"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395187"
          },
          {
            "name": "RHSA-2018:1854",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:1854"
          },
          {
            "name": "RHSA-2017:0932",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0932"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073"
          },
          {
            "name": "RHSA-2017:0933",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0933"
          },
          {
            "name": "RHSA-2017:0931",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0931"
          },
          {
            "name": "94532",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94532"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-03-01.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-19T09:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/f5527fffff3f002b0a6b376163613b82f69de073"
        },
        {
          "name": "1037968",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037968"
        },
        {
          "name": "20161115 OS-S 2016-21 - Local DoS: Linux Kernel Nullpointer Dereference via keyctl",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2016/Nov/76"
        },
        {
          "name": "[oss-security] 20161125 Linux kernel: CVE-2016-8650 : Local denial of service with in key subsystem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/11/24/8"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1395187"
        },
        {
          "name": "RHSA-2018:1854",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:1854"
        },
        {
          "name": "RHSA-2017:0932",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0932"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5527fffff3f002b0a6b376163613b82f69de073"
        },
        {
          "name": "RHSA-2017:0933",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0933"
        },
        {
          "name": "RHSA-2017:0931",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0931"
        },
        {
          "name": "94532",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/94532"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-03-01.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-8650",
    "datePublished": "2016-11-28T03:01:00",
    "dateReserved": "2016-10-12T00:00:00",
    "dateUpdated": "2024-08-06T02:27:41.272Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

rhsa-2017_0931

Vulnerability from csaf_redhat

cve-2017-2636

Vulnerability from cvelistv5

cve-2017-2618

Vulnerability from cvelistv5

cve-2016-9793

Vulnerability from cvelistv5

cve-2016-8650

Vulnerability from cvelistv5

Tags