Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2009-2691
Vulnerability from cvelistv5
Published
2009-08-14 15:00
Modified
2024-08-07 05:59
Severity ?
EPSS score ?
Summary
The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:59:56.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[linux-kernel] 20090623 [PATCH 1/1] mm_for_maps: simplify, use ptrace_may_access()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lkml.org/lkml/2009/6/23/653"
},
{
"name": "36265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36265"
},
{
"name": "[linux-kernel] 20090623 [PATCH 0/1] mm_for_maps: simplify, use ptrace_may_access()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lkml.org/lkml/2009/6/23/652"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516171"
},
{
"name": "RHSA-2009:1540",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1540.html"
},
{
"name": "36019",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36019"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=00f89d218523b9bf6b522349c039d5ac80aa536d"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=704b836cbf19e885f8366bccb2e4b0474346c02d"
},
{
"name": "[oss-security] 20090811 CVE-2009-2691 kernel: /proc/$pid/maps visible during initial setuid ELF loading",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/08/11/1"
},
{
"name": "[linux-kernel] 20090710 [PATCH 1/2] mm_for_maps: shift down_read(mmap_sem) to the caller",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=124718946021193"
},
{
"name": "FEDORA-2009-9044",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html"
},
{
"name": "ADV-2009-2246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2246"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=13f0feafa6b8aead57a2a328e2fca6a5828bf286"
},
{
"name": "36501",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36501"
},
{
"name": "DSA-2005",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-2005"
},
{
"name": "linux-kernel-mmformaps-info-disclosure(52401)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52401"
},
{
"name": "[linux-kernel] 20090710 [PATCH 2/2] mm_for_maps: take -\u003ecred_guard_mutex to fix the race",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=124718949821250"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[linux-kernel] 20090623 [PATCH 1/1] mm_for_maps: simplify, use ptrace_may_access()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lkml.org/lkml/2009/6/23/653"
},
{
"name": "36265",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36265"
},
{
"name": "[linux-kernel] 20090623 [PATCH 0/1] mm_for_maps: simplify, use ptrace_may_access()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lkml.org/lkml/2009/6/23/652"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516171"
},
{
"name": "RHSA-2009:1540",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1540.html"
},
{
"name": "36019",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36019"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=00f89d218523b9bf6b522349c039d5ac80aa536d"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=704b836cbf19e885f8366bccb2e4b0474346c02d"
},
{
"name": "[oss-security] 20090811 CVE-2009-2691 kernel: /proc/$pid/maps visible during initial setuid ELF loading",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/08/11/1"
},
{
"name": "[linux-kernel] 20090710 [PATCH 1/2] mm_for_maps: shift down_read(mmap_sem) to the caller",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=124718946021193"
},
{
"name": "FEDORA-2009-9044",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html"
},
{
"name": "ADV-2009-2246",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2246"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=13f0feafa6b8aead57a2a328e2fca6a5828bf286"
},
{
"name": "36501",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36501"
},
{
"name": "DSA-2005",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-2005"
},
{
"name": "linux-kernel-mmformaps-info-disclosure(52401)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52401"
},
{
"name": "[linux-kernel] 20090710 [PATCH 2/2] mm_for_maps: take -\u003ecred_guard_mutex to fix the race",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=124718949821250"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[linux-kernel] 20090623 [PATCH 1/1] mm_for_maps: simplify, use ptrace_may_access()",
"refsource": "MLIST",
"url": "http://lkml.org/lkml/2009/6/23/653"
},
{
"name": "36265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36265"
},
{
"name": "[linux-kernel] 20090623 [PATCH 0/1] mm_for_maps: simplify, use ptrace_may_access()",
"refsource": "MLIST",
"url": "http://lkml.org/lkml/2009/6/23/652"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=516171",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516171"
},
{
"name": "RHSA-2009:1540",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1540.html"
},
{
"name": "36019",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36019"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=00f89d218523b9bf6b522349c039d5ac80aa536d",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=00f89d218523b9bf6b522349c039d5ac80aa536d"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=704b836cbf19e885f8366bccb2e4b0474346c02d",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=704b836cbf19e885f8366bccb2e4b0474346c02d"
},
{
"name": "[oss-security] 20090811 CVE-2009-2691 kernel: /proc/$pid/maps visible during initial setuid ELF loading",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/08/11/1"
},
{
"name": "[linux-kernel] 20090710 [PATCH 1/2] mm_for_maps: shift down_read(mmap_sem) to the caller",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=124718946021193"
},
{
"name": "FEDORA-2009-9044",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html"
},
{
"name": "ADV-2009-2246",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2246"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13f0feafa6b8aead57a2a328e2fca6a5828bf286",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13f0feafa6b8aead57a2a328e2fca6a5828bf286"
},
{
"name": "36501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36501"
},
{
"name": "DSA-2005",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2005"
},
{
"name": "linux-kernel-mmformaps-info-disclosure(52401)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52401"
},
{
"name": "[linux-kernel] 20090710 [PATCH 2/2] mm_for_maps: take -\u003ecred_guard_mutex to fix the race",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=124718949821250"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2691",
"datePublished": "2009-08-14T15:00:00",
"dateReserved": "2009-08-05T00:00:00",
"dateUpdated": "2024-08-07T05:59:56.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2009-2691\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-08-14T15:16:27.467\",\"lastModified\":\"2024-11-21T01:05:31.177\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n mm_for_maps en fs/proc/base.c en el kernel Linux v2.6.30.4 y anteriores permiten a usuarios locales leer (1) mapas y (2) ficheros smaps bajo proc/ a trav\u00e9s de vectores relativos a la carga ELF, un proceso setuid, y condici\u00f3n de carrera.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.6.30.4\",\"matchCriteriaId\":\"63524387-5057-465B-AC04-C7C5CAEAE73A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10E55450-F6D9-483C-9CC8-E651E5A12AB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.30:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"45273823-29EA-44DE-8444-3933402C5793\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.30:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"88F60E74-09DB-4D4A-B922-4A46EED0EC20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.30:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E242D3DE-D1DC-406A-BCC3-C4380B7EC369\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.30:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"8598D6E5-0C5C-4A31-841A-C12801DB7D91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.30:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"59800B0A-477B-42F8-A58A-5144F455AE01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.30:rc7-git6:*:*:*:*:*:*\",\"matchCriteriaId\":\"F166BF6B-BFB0-4206-BD59-179701572F1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.30.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99AC6D46-A0BF-4F1D-88BB-03BF74FDB84F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.30.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC40B6DE-09D9-422B-965B-7EB9F6661DEB\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=00f89d218523b9bf6b522349c039d5ac80aa536d\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=13f0feafa6b8aead57a2a328e2fca6a5828bf286\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=704b836cbf19e885f8366bccb2e4b0474346c02d\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lkml.org/lkml/2009/6/23/652\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lkml.org/lkml/2009/6/23/653\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=124718946021193\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=124718949821250\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/36265\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36501\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2010/dsa-2005\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/08/11/1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/36019\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/2246\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=516171\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/52401\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1540.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=00f89d218523b9bf6b522349c039d5ac80aa536d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=13f0feafa6b8aead57a2a328e2fca6a5828bf286\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=704b836cbf19e885f8366bccb2e4b0474346c02d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lkml.org/lkml/2009/6/23/652\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lkml.org/lkml/2009/6/23/653\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=124718946021193\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=124718949821250\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://secunia.com/advisories/36265\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36501\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2010/dsa-2005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2009/08/11/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/36019\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/2246\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=516171\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/52401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1540.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"The Red Hat Security Response Team has rated this issue as having moderate security impact.\\n\\nWe currently have no plans to fix this flaw in Red Hat Enterprise Linux 3, 4, and 5 as it is not possible to trigger the information leak if the suid_dumpable tunable is set to zero (which is the default).\\n\\nIt was addressed in Red Hat Enterprise MRG via: https://rhn.redhat.com/errata/RHSA-2009-1540.html\",\"lastModified\":\"2009-11-04T00:00:00\"}]}}"
}
}
ghsa-274m-66j7-crv4
Vulnerability from github
Published
2022-05-02 03:37
Modified
2022-05-02 03:37
Details
The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.
{
"affected": [],
"aliases": [
"CVE-2009-2691"
],
"database_specific": {
"cwe_ids": [
"CWE-200"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-08-14T15:16:00Z",
"severity": "LOW"
},
"details": "The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.",
"id": "GHSA-274m-66j7-crv4",
"modified": "2022-05-02T03:37:44Z",
"published": "2022-05-02T03:37:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2691"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516171"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52401"
},
{
"type": "WEB",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1540.html"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=00f89d218523b9bf6b522349c039d5ac80aa536d"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13f0feafa6b8aead57a2a328e2fca6a5828bf286"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=704b836cbf19e885f8366bccb2e4b0474346c02d"
},
{
"type": "WEB",
"url": "http://lkml.org/lkml/2009/6/23/652"
},
{
"type": "WEB",
"url": "http://lkml.org/lkml/2009/6/23/653"
},
{
"type": "WEB",
"url": "http://marc.info/?l=linux-kernel\u0026m=124718946021193"
},
{
"type": "WEB",
"url": "http://marc.info/?l=linux-kernel\u0026m=124718949821250"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/36265"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/36501"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2010/dsa-2005"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2009/08/11/1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/36019"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2009/2246"
}
],
"schema_version": "1.4.0",
"severity": []
}
gsd-2009-2691
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2009-2691",
"description": "The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.",
"id": "GSD-2009-2691",
"references": [
"https://www.suse.com/security/cve/CVE-2009-2691.html",
"https://www.debian.org/security/2010/dsa-2005",
"https://access.redhat.com/errata/RHSA-2009:1540"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2009-2691"
],
"details": "The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.",
"id": "GSD-2009-2691",
"modified": "2023-12-13T01:19:46.503924Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2691",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[linux-kernel] 20090623 [PATCH 1/1] mm_for_maps: simplify, use ptrace_may_access()",
"refsource": "MLIST",
"url": "http://lkml.org/lkml/2009/6/23/653"
},
{
"name": "36265",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36265"
},
{
"name": "[linux-kernel] 20090623 [PATCH 0/1] mm_for_maps: simplify, use ptrace_may_access()",
"refsource": "MLIST",
"url": "http://lkml.org/lkml/2009/6/23/652"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=516171",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516171"
},
{
"name": "RHSA-2009:1540",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1540.html"
},
{
"name": "36019",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36019"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=00f89d218523b9bf6b522349c039d5ac80aa536d",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=00f89d218523b9bf6b522349c039d5ac80aa536d"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=704b836cbf19e885f8366bccb2e4b0474346c02d",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=704b836cbf19e885f8366bccb2e4b0474346c02d"
},
{
"name": "[oss-security] 20090811 CVE-2009-2691 kernel: /proc/$pid/maps visible during initial setuid ELF loading",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2009/08/11/1"
},
{
"name": "[linux-kernel] 20090710 [PATCH 1/2] mm_for_maps: shift down_read(mmap_sem) to the caller",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=124718946021193"
},
{
"name": "FEDORA-2009-9044",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html"
},
{
"name": "ADV-2009-2246",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2246"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13f0feafa6b8aead57a2a328e2fca6a5828bf286",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13f0feafa6b8aead57a2a328e2fca6a5828bf286"
},
{
"name": "36501",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36501"
},
{
"name": "DSA-2005",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-2005"
},
{
"name": "linux-kernel-mmformaps-info-disclosure(52401)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52401"
},
{
"name": "[linux-kernel] 20090710 [PATCH 2/2] mm_for_maps: take -\u003ecred_guard_mutex to fix the race",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=124718949821250"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.30.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.6.30.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.30:rc7-git6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.30:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.30.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.30:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.30:rc6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.30:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:2.6.30:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2691"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[linux-kernel] 20090710 [PATCH 1/2] mm_for_maps: shift down_read(mmap_sem) to the caller",
"refsource": "MLIST",
"tags": [
"Patch"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=124718946021193"
},
{
"name": "[linux-kernel] 20090623 [PATCH 1/1] mm_for_maps: simplify, use ptrace_may_access()",
"refsource": "MLIST",
"tags": [
"Patch"
],
"url": "http://lkml.org/lkml/2009/6/23/653"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13f0feafa6b8aead57a2a328e2fca6a5828bf286",
"refsource": "CONFIRM",
"tags": [],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13f0feafa6b8aead57a2a328e2fca6a5828bf286"
},
{
"name": "36019",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/36019"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=704b836cbf19e885f8366bccb2e4b0474346c02d",
"refsource": "CONFIRM",
"tags": [],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=704b836cbf19e885f8366bccb2e4b0474346c02d"
},
{
"name": "36265",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36265"
},
{
"name": "[linux-kernel] 20090710 [PATCH 2/2] mm_for_maps: take -\u003ecred_guard_mutex to fix the race",
"refsource": "MLIST",
"tags": [
"Patch"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=124718949821250"
},
{
"name": "ADV-2009-2246",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2246"
},
{
"name": "[linux-kernel] 20090623 [PATCH 0/1] mm_for_maps: simplify, use ptrace_may_access()",
"refsource": "MLIST",
"tags": [],
"url": "http://lkml.org/lkml/2009/6/23/652"
},
{
"name": "[oss-security] 20090811 CVE-2009-2691 kernel: /proc/$pid/maps visible during initial setuid ELF loading",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2009/08/11/1"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=00f89d218523b9bf6b522349c039d5ac80aa536d",
"refsource": "CONFIRM",
"tags": [],
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=00f89d218523b9bf6b522349c039d5ac80aa536d"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=516171",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516171"
},
{
"name": "36501",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/36501"
},
{
"name": "FEDORA-2009-9044",
"refsource": "FEDORA",
"tags": [],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01256.html"
},
{
"name": "RHSA-2009:1540",
"refsource": "REDHAT",
"tags": [],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1540.html"
},
{
"name": "DSA-2005",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2010/dsa-2005"
},
{
"name": "linux-kernel-mmformaps-info-disclosure(52401)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52401"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-08-17T01:30Z",
"publishedDate": "2009-08-14T15:16Z"
}
}
}
rhsa-2009_1540
Vulnerability from csaf_redhat
Published
2009-11-03 18:21
Modified
2024-11-22 03:26
Summary
Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update
Notes
Topic
Updated kernel-rt packages that fix several security issues, multiple bugs,
and add enhancements are now available for Red Hat Enterprise MRG 1.1.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.
Security fixes:
* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a
setuid or setgid program was executed. A local, unprivileged user could use
this flaw to bypass the mmap_min_addr protection mechanism and perform a
NULL pointer dereference attack, or bypass the Address Space Layout
Randomization (ASLR) security feature. (CVE-2009-1895, Important)
* a system with SELinux enforced was more permissive in allowing local
users in the unconfined_t domain to map low memory areas even if the
mmap_min_addr restriction was enabled. This could aid in the local
exploitation of NULL pointer dereference bugs. (CVE-2009-2695, Important)
* missing initialization flaws were found in getname() implementations in
numerous network protocol implementations in the Linux kernel. Certain
data structures in these getname() implementations were not initialized
properly before being copied to user-space. These flaws could lead to an
information leak. (CVE-2009-3002, Important)
* a NULL pointer dereference flaw was found in each of the following
functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and
pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could
be released by other processes before it is used to update the pipe's
reader and writer counters. This could lead to a local denial of service or
privilege escalation. (CVE-2009-3547, Important)
* a flaw was found in the Realtek r8169 Ethernet driver in the Linux
kernel. pci_unmap_single() presented a memory leak that could lead to IOMMU
space exhaustion and a system crash. An attacker on the local network could
abuse this flaw by using jumbo frames for large amounts of network traffic.
(CVE-2009-3613, Important)
* NULL pointer dereference flaws were found in the r128 driver in the
Linux kernel. Checks to test if the Concurrent Command Engine state was
initialized were missing in private IOCTL functions. An attacker could use
these flaws to cause a local denial of service or escalate their
privileges. (CVE-2009-3620, Important)
* Kees Cook and Steve Beattie discovered a race condition in the /proc
code in the Linux kernel. This could lead to information in the
"/proc/[pid]/maps" and "/proc/[pid]/smaps" files being leaked to users (who
would otherwise not have access to this information) during ELF loading.
This could help a local attacker bypass the ASLR security feature.
(CVE-2009-2691, Moderate)
* a NULL pointer dereference flaw was found in the md driver in the Linux
kernel. If the suspend_lo or suspend_hi file in "/sys/" is modified when
the disk array is inactive, it could lead to a local denial of service or
privilege escalation. By default, only root can write to these two files.
(CVE-2009-2849, Moderate)
* an information leak was found in the Linux kernel. On AMD64 systems,
32-bit processes could access and read certain 64-bit registers by
temporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)
* padding data in several core network structures was not initialized
properly before being sent to user-space, possibly leading to information
leaks. (CVE-2009-3228, CVE-2009-3612, Moderate)
* the unix_stream_connect() function in the Linux kernel did not check if a
UNIX domain socket was in the shutdown state. This could lead to a
deadlock. A local, unprivileged user could use this flaw to cause a denial
of service. (CVE-2009-3621, Moderate)
These updated packages also include bug fixes and enhancements. Users are
directed to the Realtime Security Update Release Notes for version 1.1 for
information on these changes, which will be available shortly from:
http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/
Users should upgrade to these updated packages, which contain backported
patches to correct these issues and add enhancements. The system must be
rebooted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kernel-rt packages that fix several security issues, multiple bugs,\nand add enhancements are now available for Red Hat Enterprise MRG 1.1.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity fixes:\n\n* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a\nsetuid or setgid program was executed. A local, unprivileged user could use\nthis flaw to bypass the mmap_min_addr protection mechanism and perform a\nNULL pointer dereference attack, or bypass the Address Space Layout\nRandomization (ASLR) security feature. (CVE-2009-1895, Important)\n\n* a system with SELinux enforced was more permissive in allowing local\nusers in the unconfined_t domain to map low memory areas even if the\nmmap_min_addr restriction was enabled. This could aid in the local\nexploitation of NULL pointer dereference bugs. (CVE-2009-2695, Important)\n\n* missing initialization flaws were found in getname() implementations in\nnumerous network protocol implementations in the Linux kernel. Certain\ndata structures in these getname() implementations were not initialized\nproperly before being copied to user-space. These flaws could lead to an\ninformation leak. (CVE-2009-3002, Important)\n\n* a NULL pointer dereference flaw was found in each of the following\nfunctions in the Linux kernel: pipe_read_open(), pipe_write_open(), and\npipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could\nbe released by other processes before it is used to update the pipe\u0027s\nreader and writer counters. This could lead to a local denial of service or\nprivilege escalation. (CVE-2009-3547, Important)\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. pci_unmap_single() presented a memory leak that could lead to IOMMU\nspace exhaustion and a system crash. An attacker on the local network could\nabuse this flaw by using jumbo frames for large amounts of network traffic.\n(CVE-2009-3613, Important)\n\n* NULL pointer dereference flaws were found in the r128 driver in the\nLinux kernel. Checks to test if the Concurrent Command Engine state was\ninitialized were missing in private IOCTL functions. An attacker could use\nthese flaws to cause a local denial of service or escalate their\nprivileges. (CVE-2009-3620, Important)\n\n* Kees Cook and Steve Beattie discovered a race condition in the /proc\ncode in the Linux kernel. This could lead to information in the\n\"/proc/[pid]/maps\" and \"/proc/[pid]/smaps\" files being leaked to users (who\nwould otherwise not have access to this information) during ELF loading.\nThis could help a local attacker bypass the ASLR security feature.\n(CVE-2009-2691, Moderate)\n\n* a NULL pointer dereference flaw was found in the md driver in the Linux\nkernel. If the suspend_lo or suspend_hi file in \"/sys/\" is modified when\nthe disk array is inactive, it could lead to a local denial of service or\nprivilege escalation. By default, only root can write to these two files.\n(CVE-2009-2849, Moderate)\n\n* an information leak was found in the Linux kernel. On AMD64 systems,\n32-bit processes could access and read certain 64-bit registers by\ntemporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)\n\n* padding data in several core network structures was not initialized\nproperly before being sent to user-space, possibly leading to information\nleaks. (CVE-2009-3228, CVE-2009-3612, Moderate)\n\n* the unix_stream_connect() function in the Linux kernel did not check if a\nUNIX domain socket was in the shutdown state. This could lead to a\ndeadlock. A local, unprivileged user could use this flaw to cause a denial\nof service. (CVE-2009-3621, Moderate)\n\nThese updated packages also include bug fixes and enhancements. Users are\ndirected to the Realtime Security Update Release Notes for version 1.1 for\ninformation on these changes, which will be available shortly from: \n\nhttp://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add enhancements. The system must be\nrebooted for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1540",
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#important",
"url": "http://www.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/docs/DOC-18042",
"url": "http://kbase.redhat.com/faq/docs/DOC-18042"
},
{
"category": "external",
"summary": "http://kbase.redhat.com/faq/docs/DOC-17866",
"url": "http://kbase.redhat.com/faq/docs/DOC-17866"
},
{
"category": "external",
"summary": "http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/",
"url": "http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/"
},
{
"category": "external",
"summary": "511171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=511171"
},
{
"category": "external",
"summary": "516171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516171"
},
{
"category": "external",
"summary": "517830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=517830"
},
{
"category": "external",
"summary": "518132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=518132"
},
{
"category": "external",
"summary": "518160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=518160"
},
{
"category": "external",
"summary": "519305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=519305"
},
{
"category": "external",
"summary": "520990",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=520990"
},
{
"category": "external",
"summary": "521999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521999"
},
{
"category": "external",
"summary": "522359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=522359"
},
{
"category": "external",
"summary": "522501",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=522501"
},
{
"category": "external",
"summary": "522503",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=522503"
},
{
"category": "external",
"summary": "523986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=523986"
},
{
"category": "external",
"summary": "526788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526788"
},
{
"category": "external",
"summary": "528139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=528139"
},
{
"category": "external",
"summary": "528868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=528868"
},
{
"category": "external",
"summary": "529137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529137"
},
{
"category": "external",
"summary": "529597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529597"
},
{
"category": "external",
"summary": "529626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529626"
},
{
"category": "external",
"summary": "530490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530490"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1540.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T03:26:34+00:00",
"generator": {
"date": "2024-11-22T03:26:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2009:1540",
"initial_release_date": "2009-11-03T18:21:00+00:00",
"revision_history": [
{
"date": "2009-11-03T18:21:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-11-03T13:21:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T03:26:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "MRG Realtime for RHEL 5 Server",
"product": {
"name": "MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:1::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise MRG for RHEL-5"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-137.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-137.el5rt?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-137.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-137.el5rt?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"product": {
"name": "kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"product_id": "kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@2.6.24.7-137.el5rt?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-137.el5rt.src",
"product": {
"name": "kernel-rt-0:2.6.24.7-137.el5rt.src",
"product_id": "kernel-rt-0:2.6.24.7-137.el5rt.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-137.el5rt?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-137.el5rt.src as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src"
},
"product_reference": "kernel-rt-0:2.6.24.7-137.el5rt.src",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch"
},
"product_reference": "kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-1895",
"discovery_date": "2009-06-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "511171"
}
],
"notes": [
{
"category": "description",
"text": "The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: personality: fix PER_CLEAR_ON_SETID",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-1895"
},
{
"category": "external",
"summary": "RHBZ#511171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=511171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-1895",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-1895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1895"
}
],
"release_date": "2009-06-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: personality: fix PER_CLEAR_ON_SETID"
},
{
"cve": "CVE-2009-2691",
"discovery_date": "2009-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "516171"
}
],
"notes": [
{
"category": "description",
"text": "The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: /proc/$pid/maps visible during initial setuid ELF loading",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "We currently have no plans to fix this flaw in Red Hat Enterprise Linux 3, 4, and 5 as it is not possible to trigger the information leak if the suid_dumpable tunable is set to zero (which is the default).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2691"
},
{
"category": "external",
"summary": "RHBZ#516171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2691",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2691"
}
],
"release_date": "2009-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: /proc/$pid/maps visible during initial setuid ELF loading"
},
{
"cve": "CVE-2009-2695",
"discovery_date": "2009-08-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "517830"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) the default configuration of the allow_unconfined_mmap_low boolean in SELinux on Red Hat Enterprise Linux (RHEL) 5, (2) an error that causes allow_unconfined_mmap_low to be ignored in the unconfined_t domain, (3) lack of a requirement for the CAP_SYS_RAWIO capability for these mmap operations, and (4) interaction between the mmap_min_addr protection mechanism and certain application programs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: SELinux and mmap_min_addr",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2695"
},
{
"category": "external",
"summary": "RHBZ#517830",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=517830"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2695",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2695"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2695",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2695"
}
],
"release_date": "2009-07-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: SELinux and mmap_min_addr"
},
{
"cve": "CVE-2009-2849",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2009-08-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "518132"
}
],
"notes": [
{
"category": "description",
"text": "The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to \"suspend_* sysfs attributes\" and the (1) suspend_lo_store or (2) suspend_hi_store functions. NOTE: this is only a vulnerability when sysfs is writable by an attacker.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: md: NULL pointer deref when accessing suspend_* sysfs attributes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw was introduced in kernel version 2.6.17-rc1. The Linux kernel as shipped with Red Hat Enterprise Linux 3, and 4 are not affected by this issue.\n\nA future kernel update for Red Hat Enterprise Linux 5 will address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2849"
},
{
"category": "external",
"summary": "RHBZ#518132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=518132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2849",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2849"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2849",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2849"
}
],
"release_date": "2009-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: md: NULL pointer deref when accessing suspend_* sysfs attributes"
},
{
"cve": "CVE-2009-2910",
"discovery_date": "2009-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "526788"
}
],
"notes": [
{
"category": "description",
"text": "arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: x86_64 32 bit process register leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is not planned to be fixed in Red Hat Enterprise Linux 3, due to this product being in Production 3 of its maintenance life-cycle, where only qualified security errata of important and critical impact are addressed.\n\nFor further information about Errata Support Policy, visit: https://access.redhat.com/support/policy/updates/errata/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-2910"
},
{
"category": "external",
"summary": "RHBZ#526788",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526788"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-2910",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2910"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-2910",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2910"
}
],
"release_date": "2009-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: x86_64 32 bit process register leak"
},
{
"cve": "CVE-2009-3002",
"discovery_date": "2009-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "519305"
}
],
"notes": [
{
"category": "description",
"text": "The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within getname functions, which allows local users to read the contents of some kernel memory locations by calling getsockname on (1) an AF_APPLETALK socket, related to the atalk_getname function in net/appletalk/ddp.c; (2) an AF_IRDA socket, related to the irda_getname function in net/irda/af_irda.c; (3) an AF_ECONET socket, related to the econet_getname function in net/econet/af_econet.c; (4) an AF_NETROM socket, related to the nr_getname function in net/netrom/af_netrom.c; (5) an AF_ROSE socket, related to the rose_getname function in net/rose/af_rose.c; or (6) a raw CAN socket, related to the raw_getname function in net/can/raw.c.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: numerous getname() infoleaks",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "CVE-2009-3002 describes a collection of similar information leaks that affect numerous networking protocols.\n\nThe Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 did not enable support for the AppleTalk DDP protocol, and therefore were not affected by issue (1).\n\nThe Linux kernel as shipped with Red Hat Enterprise Linux 4, 5 and Red Hat Enterprise MRG did not enable support for IrDA sockets, and therefore were not affected by issue (2).\n\nThe Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5, and Red Hat Enterprise MRG did not enable support for the Acorn Econet and AUN protocols, and therefore were not affected by issue (3).\n\nThe Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG did not enable support for the NET/ROM and ROSE protocols, and therefore were not affected by issues (4) and (5).\n\nThe raw_getname() leak was introduced in the Linux kernel version 2.6.25-rc1. The Linux kernel as shipped with Red Hat Enterprise Linux 3, 4, 5, and Red Hat Enterprise MRG therefore were not affected by issue (6).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3002"
},
{
"category": "external",
"summary": "RHBZ#519305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=519305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3002",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3002"
}
],
"release_date": "2009-08-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: numerous getname() infoleaks"
},
{
"cve": "CVE-2009-3228",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2009-09-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "520990"
}
],
"notes": [
{
"category": "description",
"text": "The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tc: uninitialised kernel memory leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3228"
},
{
"category": "external",
"summary": "RHBZ#520990",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=520990"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3228",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3228"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3228",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3228"
}
],
"release_date": "2009-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tc: uninitialised kernel memory leak"
},
{
"cve": "CVE-2009-3547",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2009-10-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "530490"
}
],
"notes": [
{
"category": "description",
"text": "Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fs: pipe.c null pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3547"
},
{
"category": "external",
"summary": "RHBZ#530490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=530490"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3547",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3547"
}
],
"release_date": "2009-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: fs: pipe.c null pointer dereference"
},
{
"cve": "CVE-2009-3612",
"discovery_date": "2009-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "528868"
}
],
"notes": [
{
"category": "description",
"text": "The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is not planned to be fixed in Red Hat Enterprise Linux 3 due to this product being in Production 3 of its maintenance life-cycle, where only qualified security errata of important or critical impact are addressed.\n\nFor further information about the Errata Support Policy, visit: https://access.redhat.com/support/policy/updates/errata/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3612"
},
{
"category": "external",
"summary": "RHBZ#528868",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=528868"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3612"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3612",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3612"
}
],
"release_date": "2009-10-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7"
},
{
"cve": "CVE-2009-3613",
"discovery_date": "2009-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "529137"
}
],
"notes": [
{
"category": "description",
"text": "The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service (IOMMU space exhaustion and system crash) by using jumbo frames for a large amount of network traffic, as demonstrated by a flood ping.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: flood ping cause out-of-iommu error and panic when mtu larger than 1500",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3613"
},
{
"category": "external",
"summary": "RHBZ#529137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3613"
}
],
"release_date": "2007-11-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: flood ping cause out-of-iommu error and panic when mtu larger than 1500"
},
{
"cve": "CVE-2009-3620",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2009-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "529597"
}
],
"notes": [
{
"category": "description",
"text": "The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3620"
},
{
"category": "external",
"summary": "RHBZ#529597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529597"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3620"
}
],
"release_date": "2009-08-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised"
},
{
"cve": "CVE-2009-3621",
"discovery_date": "2009-10-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "529626"
}
],
"notes": [
{
"category": "description",
"text": "net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: AF_UNIX: Fix deadlock on connecting to shutdown socket",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is not planned to be fixed in Red Hat Enterprise Linux 3, due to this product being in Production 3 of its maintenance life-cycle, where only qualified security errata of important or critical impact are addressed.\n\nFor further information about Errata Support Policy, visit: https://access.redhat.com/support/policy/updates/errata/",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3621"
},
{
"category": "external",
"summary": "RHBZ#529626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529626"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3621"
}
],
"release_date": "2009-10-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-11-03T18:21:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1540"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-137.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-137.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-137.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: AF_UNIX: Fix deadlock on connecting to shutdown socket"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.