Action not permitted
Modal body text goes here.
CVE-2011-2918
Vulnerability from cvelistv5
Published
2012-05-24 23:00
Modified
2024-08-06 23:15
Severity ?
EPSS score ?
Summary
The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T23:15:31.684Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233" }, { "name": "[oss-security] 20110816 Re: CVE request -- kernel: perf: fix software event overflow", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2011/08/16/1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=730706" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2012-05-24T23:00:00Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233" }, { "name": "[oss-security] 20110816 Re: CVE request -- kernel: perf: fix software event overflow", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2011/08/16/1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=730706" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-2918", "datePublished": "2012-05-24T23:00:00Z", "dateReserved": "2011-07-27T00:00:00Z", "dateUpdated": "2024-08-06T23:15:31.684Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2011-2918\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2012-05-24T23:55:02.167\",\"lastModified\":\"2024-11-21T01:29:16.560\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.\"},{\"lang\":\"es\",\"value\":\"El subsistema Performance Events en el kernel de Linux antes de v3.1 no trata correctamente los desbordamientos de eventos asociados con eventos PERF_COUNT_SW_CPU_CLOCK, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (bloqueo del sistema) a trav\u00e9s de una aplicaci\u00f3n modificada.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.1\",\"matchCriteriaId\":\"156989A4-23D9-434A-B512-9C0F3583D13D\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/16/1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=730706\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2011/08/16/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=730706\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}" } }
gsd-2011-2918
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2011-2918", "description": "The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.", "id": "GSD-2011-2918", "references": [ "https://www.suse.com/security/cve/CVE-2011-2918.html", "https://www.debian.org/security/2011/dsa-2303", "https://access.redhat.com/errata/RHSA-2012:0333", "https://access.redhat.com/errata/RHSA-2011:1350", "https://alas.aws.amazon.com/cve/html/CVE-2011-2918.html", "https://linux.oracle.com/cve/CVE-2011-2918.html", "https://packetstormsecurity.com/files/cve/CVE-2011-2918" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2011-2918" ], "details": "The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.", "id": "GSD-2011-2918", "modified": "2023-12-13T01:19:06.556853Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-2918", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_affected": "=", "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1", "refsource": "MISC", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1" }, { "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233", "refsource": "MISC", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233" }, { "name": "http://www.openwall.com/lists/oss-security/2011/08/16/1", "refsource": "MISC", "url": "http://www.openwall.com/lists/oss-security/2011/08/16/1" }, { "name": "https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=730706", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=730706" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.1", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2011-2918" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-400" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233", "refsource": "CONFIRM", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233" }, { "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1", "refsource": "CONFIRM", "tags": [ "Mailing List", "Patch", "Vendor Advisory" ], "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1" }, { "name": "[oss-security] 20110816 Re: CVE request -- kernel: perf: fix software event overflow", "refsource": "MLIST", "tags": [ "Mailing List", "Patch", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2011/08/16/1" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=730706", "refsource": "CONFIRM", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=730706" }, { "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233", "refsource": "MISC", "tags": [], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6 } }, "lastModifiedDate": "2023-02-13T04:32Z", "publishedDate": "2012-05-24T23:55Z" } } }
rhsa-2012_0333
Vulnerability from csaf_redhat
Published
2012-02-23 20:18
Modified
2024-11-22 05:59
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
Updated kernel-rt packages that fix multiple security issues and various
bugs are now available for Red Hat Enterprise MRG 2.1.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
These packages contain the Linux kernel.
Security fixes:
* SG_IO ioctl SCSI requests on partitions or LVM volumes could be passed to
the underlying block device, allowing a privileged user to bypass
restrictions and gain read and write access (and be able to issue other
SCSI commands) to the entire block device. (CVE-2011-4127, Important)
* A local, unprivileged user could use an integer overflow flaw in
drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their
privileges. (CVE-2012-0044, Important)
* A local, unprivileged user could use a flaw in the Performance Events
implementation to cause a denial of service. (CVE-2011-2918, Moderate)
* A local, unprivileged user could use flaws in the XFS file system
implementation to cause a denial of service or escalate their privileges by
mounting a specially-crafted disk. (CVE-2011-4077, CVE-2012-0038, Moderate)
* A local, unprivileged user could use a flaw in the Out of Memory (OOM)
killer to monopolize memory, have their process skipped by the OOM killer,
or cause other tasks to be terminated. (CVE-2011-4097, Moderate)
* A local, unprivileged user could use a flaw in the key management
facility to cause a denial of service. (CVE-2011-4110, Moderate)
* A malicious Network File System version 4 (NFSv4) server could return a
crafted reply to a GETACL request, causing a denial of service on the
client. (CVE-2011-4131, Moderate)
* A local attacker could use a flaw in the Journaling Block Device (JBD) to
crash the system by mounting a specially-crafted ext3 or ext4 disk.
(CVE-2011-4132, Moderate)
* A flaw in igmp_heard_query() could allow an attacker, who is able to send
certain IGMP (Internet Group Management Protocol) packets to a target
system, to cause a denial of service. (CVE-2012-0207, Moderate)
* If lock contention during signal sending occurred when in a software
interrupt handler that is using the per-CPU debug stack, the task could be
scheduled out on the realtime kernel, possibly leading to debug stack
corruption. A local, unprivileged user could use this flaw to cause a
denial of service. (CVE-2012-0810, Moderate)
Red Hat would like to thank Chen Haogang for reporting CVE-2012-0044;
Wang Xi for reporting CVE-2012-0038; Shubham Goyal for reporting
CVE-2011-4097; Andy Adamson for reporting CVE-2011-4131; and Simon McVittie
for reporting CVE-2012-0207.
Bug fixes:
* When a sleeping task, waiting on a futex (fast userspace mutex), tried to
get the spin_lock(hb->lock) RT-mutex, if the owner of the futex released
the lock, the sleeping task was put on a futex proxy lock. Consequently,
the sleeping task was blocked on two locks and eventually terminated in the
BUG_ON() function. With this update, the WAKEUP_INPROGRESS pseudo-lock has
been added to be used as a proxy lock. This pseudo-lock tells the sleeping
task that it is being woken up so that the task no longer tries to get the
second lock. Now, the futex code works as expected and sleeping tasks no
longer crash in the described scenario. (BZ#784733)
* When the CONFIG_CRYPTO_FIPS configuration option was disabled, some
services such as sshd and ipsec, while working properly, returned warning
messages regarding this missing option during start up. With this update,
CONFIG_CRYPTO_FIPS has been enabled and no warning messages are now
returned in the described scenario. (BZ#786145)
* Previously, when a read operation on a loop device failed, the data
successfully read from the device was not cleared and could eventually
leak. This bug has been fixed and all data are now properly cleared in the
described scenario. (BZ#761420)
* Due to an assembler-sourced object, the perf utility (from the perf-rt
package) for AMD64 and Intel 64 architectures contained an executable
stack. This update adds the ".note.GNU-stack" section definition to the
bench/mem-memcpy-x86-64-asm.S component of perf, with all flags disabled,
and perf no longer contains an executable stack, thus fixing this bug.
(BZ#783570)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated kernel-rt packages that fix multiple security issues and various\nbugs are now available for Red Hat Enterprise MRG 2.1.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "These packages contain the Linux kernel.\n\nSecurity fixes:\n\n* SG_IO ioctl SCSI requests on partitions or LVM volumes could be passed to\nthe underlying block device, allowing a privileged user to bypass\nrestrictions and gain read and write access (and be able to issue other\nSCSI commands) to the entire block device. (CVE-2011-4127, Important)\n\n* A local, unprivileged user could use an integer overflow flaw in\ndrm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their\nprivileges. (CVE-2012-0044, Important)\n\n* A local, unprivileged user could use a flaw in the Performance Events\nimplementation to cause a denial of service. (CVE-2011-2918, Moderate)\n\n* A local, unprivileged user could use flaws in the XFS file system\nimplementation to cause a denial of service or escalate their privileges by\nmounting a specially-crafted disk. (CVE-2011-4077, CVE-2012-0038, Moderate)\n\n* A local, unprivileged user could use a flaw in the Out of Memory (OOM)\nkiller to monopolize memory, have their process skipped by the OOM killer,\nor cause other tasks to be terminated. (CVE-2011-4097, Moderate)\n\n* A local, unprivileged user could use a flaw in the key management\nfacility to cause a denial of service. (CVE-2011-4110, Moderate)\n\n* A malicious Network File System version 4 (NFSv4) server could return a\ncrafted reply to a GETACL request, causing a denial of service on the\nclient. (CVE-2011-4131, Moderate)\n\n* A local attacker could use a flaw in the Journaling Block Device (JBD) to\ncrash the system by mounting a specially-crafted ext3 or ext4 disk.\n(CVE-2011-4132, Moderate)\n\n* A flaw in igmp_heard_query() could allow an attacker, who is able to send\ncertain IGMP (Internet Group Management Protocol) packets to a target\nsystem, to cause a denial of service. (CVE-2012-0207, Moderate)\n\n* If lock contention during signal sending occurred when in a software\ninterrupt handler that is using the per-CPU debug stack, the task could be\nscheduled out on the realtime kernel, possibly leading to debug stack\ncorruption. A local, unprivileged user could use this flaw to cause a\ndenial of service. (CVE-2012-0810, Moderate)\n\nRed Hat would like to thank Chen Haogang for reporting CVE-2012-0044;\nWang Xi for reporting CVE-2012-0038; Shubham Goyal for reporting\nCVE-2011-4097; Andy Adamson for reporting CVE-2011-4131; and Simon McVittie\nfor reporting CVE-2012-0207.\n\nBug fixes:\n\n* When a sleeping task, waiting on a futex (fast userspace mutex), tried to\nget the spin_lock(hb-\u003elock) RT-mutex, if the owner of the futex released\nthe lock, the sleeping task was put on a futex proxy lock. Consequently,\nthe sleeping task was blocked on two locks and eventually terminated in the\nBUG_ON() function. With this update, the WAKEUP_INPROGRESS pseudo-lock has\nbeen added to be used as a proxy lock. This pseudo-lock tells the sleeping\ntask that it is being woken up so that the task no longer tries to get the\nsecond lock. Now, the futex code works as expected and sleeping tasks no\nlonger crash in the described scenario. (BZ#784733)\n\n* When the CONFIG_CRYPTO_FIPS configuration option was disabled, some\nservices such as sshd and ipsec, while working properly, returned warning\nmessages regarding this missing option during start up. With this update,\nCONFIG_CRYPTO_FIPS has been enabled and no warning messages are now\nreturned in the described scenario. (BZ#786145)\n\n* Previously, when a read operation on a loop device failed, the data\nsuccessfully read from the device was not cleared and could eventually\nleak. This bug has been fixed and all data are now properly cleared in the\ndescribed scenario. (BZ#761420)\n\n* Due to an assembler-sourced object, the perf utility (from the perf-rt\npackage) for AMD64 and Intel 64 architectures contained an executable\nstack. This update adds the \".note.GNU-stack\" section definition to the\nbench/mem-memcpy-x86-64-asm.S component of perf, with all flags disabled,\nand perf no longer contains an executable stack, thus fixing this bug.\n(BZ#783570)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2012:0333", "url": "https://access.redhat.com/errata/RHSA-2012:0333" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "730706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=730706" }, { "category": "external", "summary": "747106", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=747106" }, { "category": "external", "summary": "749156", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=749156" }, { "category": "external", "summary": "750399", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=750399" }, { "category": "external", "summary": "751297", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=751297" }, { "category": "external", "summary": "752375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=752375" }, { "category": "external", "summary": "753341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=753341" }, { "category": "external", "summary": "772867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=772867" }, { "category": "external", "summary": "772894", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=772894" }, { "category": "external", "summary": "773280", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=773280" }, { "category": "external", "summary": "784733", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=784733" }, { "category": "external", "summary": "786145", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=786145" }, { "category": "external", "summary": "794557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=794557" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_0333.json" } ], "title": "Red Hat Security Advisory: kernel-rt security and bug fix update", "tracking": { "current_release_date": "2024-11-22T05:59:03+00:00", "generator": { "date": "2024-11-22T05:59:03+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2012:0333", "initial_release_date": "2012-02-23T20:18:00+00:00", "revision_history": [ { "date": "2012-02-23T20:18:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2012-02-23T20:21:35+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T05:59:03+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat MRG Realtime for RHEL 6 Server v.2", "product": { "name": "Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6" } } } ], "category": "product_family", "name": "Red Hat Enterprise MRG for RHEL-6" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "product": { "name": "kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "product_id": "kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-firmware@3.0.18-rt34.53.el6rt?arch=noarch" } } }, { "category": "product_version", "name": "kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "product": { "name": "kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "product_id": "kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-doc@3.0.18-rt34.53.el6rt?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.0.18-rt34.53.el6rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "product": { "name": "kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "product_id": "kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@3.0.18-rt34.53.el6rt?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:3.0.18-rt34.53.el6rt.src", "product": { "name": "kernel-rt-0:3.0.18-rt34.53.el6rt.src", "product_id": "kernel-rt-0:3.0.18-rt34.53.el6rt.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.0.18-rt34.53.el6rt?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.0.18-rt34.53.el6rt.src as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src" }, "product_reference": "kernel-rt-0:3.0.18-rt34.53.el6rt.src", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch" }, "product_reference": "kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch" }, "product_reference": "kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2", "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" }, "product_reference": "kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64", "relates_to_product_reference": "6Server-MRG-Realtime-2" } ] }, "vulnerabilities": [ { "cve": "CVE-2011-2918", "discovery_date": "2011-07-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "730706" } ], "notes": [ { "category": "description", "text": "The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: perf: Fix software event overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect Red Hat Enterprise Linux 4 and 5 as they did not include support for perf. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1350.html and https://rhn.redhat.com/errata/RHSA-2012-0333.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-2918" }, { "category": "external", "summary": "RHBZ#730706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=730706" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-2918", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2918" } ], "release_date": "2011-07-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-02-23T20:18:00+00:00", "details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0333" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: perf: Fix software event overflow" }, { "cve": "CVE-2011-4077", "discovery_date": "2011-04-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "749156" } ], "notes": [ { "category": "description", "text": "Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: xfs: potential buffer overflow in xfs_readlink()", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not include support for XFS filesystem. This has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0007.html, https://rhn.redhat.com/errata/RHSA-2012-0350.html, and https://rhn.redhat.com/errata/RHSA-2012-0333.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-4077" }, { "category": "external", "summary": "RHBZ#749156", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=749156" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-4077", "url": "https://www.cve.org/CVERecord?id=CVE-2011-4077" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4077", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4077" } ], "release_date": "2011-04-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-02-23T20:18:00+00:00", "details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0333" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: xfs: potential buffer overflow in xfs_readlink()" }, { "acknowledgments": [ { "names": [ "Shubham Goyal" ] } ], "cve": "CVE-2011-4097", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2011-11-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "750399" } ], "notes": [ { "category": "description", "text": "Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: oom_badness() integer overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, and 6 as they did not backport the upstream commit f755a04 that introduced this. This has been addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0333.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-4097" }, { "category": "external", "summary": "RHBZ#750399", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=750399" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-4097", "url": "https://www.cve.org/CVERecord?id=CVE-2011-4097" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4097", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4097" } ], "release_date": "2011-10-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-02-23T20:18:00+00:00", "details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0333" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: oom_badness() integer overflow" }, { "cve": "CVE-2011-4110", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2011-11-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "751297" } ], "notes": [ { "category": "description", "text": "The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and \"updating a negative key into a fully instantiated key.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: keys: NULL pointer deref in the user-defined key type", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4,\n5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1479.html, https://rhn.redhat.com/errata/RHSA-2011-1530.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-4110" }, { "category": "external", "summary": "RHBZ#751297", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=751297" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-4110", "url": "https://www.cve.org/CVERecord?id=CVE-2011-4110" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4110", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4110" } ], "release_date": "2011-11-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-02-23T20:18:00+00:00", "details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0333" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: keys: NULL pointer deref in the user-defined key type" }, { "cve": "CVE-2011-4127", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2011-11-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "752375" } ], "notes": [ { "category": "description", "text": "The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: possible privilege escalation via SG_IO ioctl", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4,\n5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0107.html, https://rhn.redhat.com/errata/RHSA-2011-1849.html, and https://rhn.redhat.com/errata/RHSA-2012-0333.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-4127" }, { "category": "external", "summary": "RHBZ#752375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=752375" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-4127", "url": "https://www.cve.org/CVERecord?id=CVE-2011-4127" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4127", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4127" } ], "release_date": "2011-12-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-02-23T20:18:00+00:00", "details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0333" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 7.4, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: possible privilege escalation via SG_IO ioctl" }, { "acknowledgments": [ { "names": [ "Andy Adamson" ] } ], "cve": "CVE-2011-4131", "discovery_date": "2011-07-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "747106" } ], "notes": [ { "category": "description", "text": "The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: nfs4_getfacl decoding kernel oops", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it does not provide support for NFS ACLs. This issue does not affect the Linux kernel as shipped with Red Hat Enterprise Linux 5. This has been addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0333.html. Future kernel updates in Red Hat Enterprise Linux 6 may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-4131" }, { "category": "external", "summary": "RHBZ#747106", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=747106" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-4131", "url": "https://www.cve.org/CVERecord?id=CVE-2011-4131" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4131", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4131" } ], "release_date": "2011-11-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-02-23T20:18:00+00:00", "details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0333" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: nfs4_getfacl decoding kernel oops" }, { "cve": "CVE-2011-4132", "discovery_date": "2011-04-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "753341" } ], "notes": [ { "category": "description", "text": "The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an \"invalid log first block value.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: jbd/jbd2: invalid value of first log block leads to oops", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4,\n5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0007.html, https://rhn.redhat.com/errata/RHSA-2012-0350.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat\nEnterprise Linux 4 is now in Production 3 of the maintenance life-cycle,\nhttps://access.redhat.com/support/policy/updates/errata/, therefore the fix for\nthis issue is not currently planned to be included in the future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-4132" }, { "category": "external", "summary": "RHBZ#753341", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=753341" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-4132", "url": "https://www.cve.org/CVERecord?id=CVE-2011-4132" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4132", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4132" } ], "release_date": "2011-11-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-02-23T20:18:00+00:00", "details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0333" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: jbd/jbd2: invalid value of first log block leads to oops" }, { "acknowledgments": [ { "names": [ "Wang Xi" ] } ], "cve": "CVE-2012-0038", "discovery_date": "2012-01-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "773280" } ], "notes": [ { "category": "description", "text": "Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: xfs heap overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not have support for the XFS file system. It did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 5 as it did not backport the upstream commit ef14f0c1 that introduced the vulnerability. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0350.html, and https://rhn.redhat.com/errata/RHSA-2012-0333.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-0038" }, { "category": "external", "summary": "RHBZ#773280", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=773280" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-0038", "url": "https://www.cve.org/CVERecord?id=CVE-2012-0038" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0038", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0038" } ], "release_date": "2011-12-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-02-23T20:18:00+00:00", "details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0333" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: xfs heap overflow" }, { "acknowledgments": [ { "names": [ "Chen Haogang" ] } ], "cve": "CVE-2012-0044", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2012-01-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "772894" } ], "notes": [ { "category": "description", "text": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport commit 884840aa that introduced this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-0044" }, { "category": "external", "summary": "RHBZ#772894", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=772894" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-0044", "url": "https://www.cve.org/CVERecord?id=CVE-2012-0044" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0044", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0044" } ], "release_date": "2011-11-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-02-23T20:18:00+00:00", "details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0333" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl()" }, { "acknowledgments": [ { "names": [ "Simon McVittie" ] } ], "cve": "CVE-2012-0207", "discovery_date": "2012-01-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "772867" } ], "notes": [ { "category": "description", "text": "The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not backport the upstream commit 5b7c8406.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-0207" }, { "category": "external", "summary": "RHBZ#772867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=772867" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-0207", "url": "https://www.cve.org/CVERecord?id=CVE-2012-0207" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0207", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0207" } ], "release_date": "2012-01-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-02-23T20:18:00+00:00", "details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0333" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries" }, { "cve": "CVE-2012-0810", "discovery_date": "2012-01-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "794557" } ], "notes": [ { "category": "description", "text": "The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel-rt: stack corruption when task gets scheduled out using the debug stack", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, and 6. This has been addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0333.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-0810" }, { "category": "external", "summary": "RHBZ#794557", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=794557" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-0810", "url": "https://www.cve.org/CVERecord?id=CVE-2012-0810" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-0810", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0810" } ], "release_date": "2012-02-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-02-23T20:18:00+00:00", "details": "Users should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:0333" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:C", "version": "2.0" }, "products": [ "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.src", "6Server-MRG-Realtime-2:kernel-rt-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debug-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-doc-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-firmware-0:3.0.18-rt34.53.el6rt.noarch", "6Server-MRG-Realtime-2:kernel-rt-trace-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-trace-devel-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-0:3.0.18-rt34.53.el6rt.x86_64", "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-0:3.0.18-rt34.53.el6rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel-rt: stack corruption when task gets scheduled out using the debug stack" } ] }
rhsa-2011_1350
Vulnerability from csaf_redhat
Published
2011-10-05 21:37
Modified
2024-11-22 05:02
Summary
Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Notes
Topic
Updated kernel packages that fix several security issues, various bugs, and
add one enhancement are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
* Flaws in the AGPGART driver implementation when handling certain IOCTL
commands could allow a local user to cause a denial of service or escalate
their privileges. (CVE-2011-1745, CVE-2011-2022, Important)
* An integer overflow flaw in agp_allocate_memory() could allow a local
user to cause a denial of service or escalate their privileges.
(CVE-2011-1746, Important)
* A race condition flaw was found in the Linux kernel's eCryptfs
implementation. A local attacker could use the mount.ecryptfs_private
utility to mount (and then access) a directory they would otherwise not
have access to. Note: To correct this issue, the RHSA-2011:1241
ecryptfs-utils update, which provides the user-space part of the fix, must
also be installed. (CVE-2011-1833, Moderate)
* A denial of service flaw was found in the way the taskstats subsystem
handled the registration of process exit handlers. A local, unprivileged
user could register an unlimited amount of these handlers, leading to
excessive CPU time and memory use. (CVE-2011-2484, Moderate)
* A flaw was found in the way mapping expansions were handled. A local,
unprivileged user could use this flaw to cause a wrapping condition,
triggering a denial of service. (CVE-2011-2496, Moderate)
* A flaw was found in the Linux kernel's Performance Events implementation.
It could falsely lead the NMI (Non-Maskable Interrupt) Watchdog to detect a
lockup and panic the system. A local, unprivileged user could use this flaw
to cause a denial of service (kernel panic) using the perf tool.
(CVE-2011-2521, Moderate)
* A flaw in skb_gro_header_slow() in the Linux kernel could lead to GRO
(Generic Receive Offload) fields being left in an inconsistent state. An
attacker on the local network could use this flaw to trigger a denial of
service. GRO is enabled by default in all network drivers that support it.
(CVE-2011-2723, Moderate)
* A flaw was found in the way the Linux kernel's Performance Events
implementation handled PERF_COUNT_SW_CPU_CLOCK counter overflow. A local,
unprivileged user could use this flaw to cause a denial of service.
(CVE-2011-2918, Moderate)
* A flaw was found in the Linux kernel's Trusted Platform Module (TPM)
implementation. A local, unprivileged user could use this flaw to leak
information to user-space. (CVE-2011-1160, Low)
* Flaws were found in the tpacket_rcv() and packet_recvmsg() functions in
the Linux kernel. A local, unprivileged user could use these flaws to leak
information to user-space. (CVE-2011-2898, Low)
Red Hat would like to thank Vasiliy Kulikov of Openwall for reporting
CVE-2011-1745, CVE-2011-2022, CVE-2011-1746, and CVE-2011-2484; the Ubuntu
Security Team for reporting CVE-2011-1833; Robert Swiecki for reporting
CVE-2011-2496; Li Yu for reporting CVE-2011-2521; Brent Meshier for
reporting CVE-2011-2723; and Peter Huewe for reporting CVE-2011-1160. The
Ubuntu Security Team acknowledges Vasiliy Kulikov of Openwall and Dan
Rosenberg as the original reporters of CVE-2011-1833.
This update also fixes various bugs and adds one enhancement. Documentation
for these changes will be available shortly from the Technical Notes
document linked to in the References section.
Users should upgrade to these updated packages, which contain backported
patches to correct these issues, and fix the bugs and add the enhancement
noted in the Technical Notes. The system must be rebooted for this update
to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated kernel packages that fix several security issues, various bugs, and\nadd one enhancement are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* Flaws in the AGPGART driver implementation when handling certain IOCTL\ncommands could allow a local user to cause a denial of service or escalate\ntheir privileges. (CVE-2011-1745, CVE-2011-2022, Important)\n\n* An integer overflow flaw in agp_allocate_memory() could allow a local\nuser to cause a denial of service or escalate their privileges.\n(CVE-2011-1746, Important)\n\n* A race condition flaw was found in the Linux kernel\u0027s eCryptfs\nimplementation. A local attacker could use the mount.ecryptfs_private\nutility to mount (and then access) a directory they would otherwise not\nhave access to. Note: To correct this issue, the RHSA-2011:1241\necryptfs-utils update, which provides the user-space part of the fix, must\nalso be installed. (CVE-2011-1833, Moderate)\n\n* A denial of service flaw was found in the way the taskstats subsystem\nhandled the registration of process exit handlers. A local, unprivileged\nuser could register an unlimited amount of these handlers, leading to\nexcessive CPU time and memory use. (CVE-2011-2484, Moderate)\n\n* A flaw was found in the way mapping expansions were handled. A local,\nunprivileged user could use this flaw to cause a wrapping condition,\ntriggering a denial of service. (CVE-2011-2496, Moderate)\n\n* A flaw was found in the Linux kernel\u0027s Performance Events implementation.\nIt could falsely lead the NMI (Non-Maskable Interrupt) Watchdog to detect a\nlockup and panic the system. A local, unprivileged user could use this flaw\nto cause a denial of service (kernel panic) using the perf tool.\n(CVE-2011-2521, Moderate)\n\n* A flaw in skb_gro_header_slow() in the Linux kernel could lead to GRO\n(Generic Receive Offload) fields being left in an inconsistent state. An\nattacker on the local network could use this flaw to trigger a denial of\nservice. GRO is enabled by default in all network drivers that support it.\n(CVE-2011-2723, Moderate)\n\n* A flaw was found in the way the Linux kernel\u0027s Performance Events\nimplementation handled PERF_COUNT_SW_CPU_CLOCK counter overflow. A local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2011-2918, Moderate)\n\n* A flaw was found in the Linux kernel\u0027s Trusted Platform Module (TPM)\nimplementation. A local, unprivileged user could use this flaw to leak\ninformation to user-space. (CVE-2011-1160, Low)\n\n* Flaws were found in the tpacket_rcv() and packet_recvmsg() functions in\nthe Linux kernel. A local, unprivileged user could use these flaws to leak\ninformation to user-space. (CVE-2011-2898, Low)\n\nRed Hat would like to thank Vasiliy Kulikov of Openwall for reporting\nCVE-2011-1745, CVE-2011-2022, CVE-2011-1746, and CVE-2011-2484; the Ubuntu\nSecurity Team for reporting CVE-2011-1833; Robert Swiecki for reporting\nCVE-2011-2496; Li Yu for reporting CVE-2011-2521; Brent Meshier for\nreporting CVE-2011-2723; and Peter Huewe for reporting CVE-2011-1160. The\nUbuntu Security Team acknowledges Vasiliy Kulikov of Openwall and Dan\nRosenberg as the original reporters of CVE-2011-1833.\n\nThis update also fixes various bugs and adds one enhancement. Documentation\nfor these changes will be available shortly from the Technical Notes\ndocument linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs and add the enhancement\nnoted in the Technical Notes. The system must be rebooted for this update\nto take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2011:1350", "url": "https://access.redhat.com/errata/RHSA-2011:1350" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://rhn.redhat.com/errata/RHSA-2011-1241.html", "url": "https://rhn.redhat.com/errata/RHSA-2011-1241.html" }, { "category": "external", "summary": "https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.1_Technical_Notes/kernel.html#RHSA-2011-1350", "url": "https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/6.1_Technical_Notes/kernel.html#RHSA-2011-1350" }, { "category": "external", "summary": "684671", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=684671" }, { "category": "external", "summary": "698996", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=698996" }, { "category": "external", "summary": "698998", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=698998" }, { "category": "external", "summary": "713463", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=713463" }, { "category": "external", "summary": "715436", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=715436" }, { "category": "external", "summary": "716538", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=716538" }, { "category": "external", "summary": "719228", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=719228" }, { "category": "external", "summary": "726552", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=726552" }, { "category": "external", "summary": "728023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=728023" }, { "category": "external", "summary": "730706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=730706" }, { "category": "external", "summary": "731172", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=731172" }, { "category": "external", "summary": "732379", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732379" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1350.json" } ], "title": "Red Hat Security Advisory: kernel security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-22T05:02:16+00:00", "generator": { "date": "2024-11-22T05:02:16+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2011:1350", "initial_release_date": "2011-10-05T21:37:00+00:00", "revision_history": [ { "date": "2011-10-05T21:37:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2011-10-05T17:47:16+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T05:02:16+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "product": { "name": "kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "product_id": "kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-bootwrapper@2.6.32-131.17.1.el6?arch=ppc64" } } }, { "category": "product_version", "name": "kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "product": { "name": "kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "product_id": "kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@2.6.32-131.17.1.el6?arch=ppc64" } } }, { "category": "product_version", "name": "kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "product": { "name": "kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "product_id": "kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@2.6.32-131.17.1.el6?arch=ppc64" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "product": { "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "product_id": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.32-131.17.1.el6?arch=ppc64" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "product": { "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "product_id": "kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.32-131.17.1.el6?arch=ppc64" } } }, { "category": "product_version", "name": "kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "product": { "name": "kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "product_id": "kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@2.6.32-131.17.1.el6?arch=ppc64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "product": { "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "product_id": "kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.32-131.17.1.el6?arch=ppc64" } } }, { "category": "product_version", "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "product": { "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "product_id": "perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@2.6.32-131.17.1.el6?arch=ppc64" } } }, { "category": "product_version", "name": "kernel-0:2.6.32-131.17.1.el6.ppc64", "product": { "name": "kernel-0:2.6.32-131.17.1.el6.ppc64", "product_id": "kernel-0:2.6.32-131.17.1.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@2.6.32-131.17.1.el6?arch=ppc64" } } }, { "category": "product_version", "name": "perf-0:2.6.32-131.17.1.el6.ppc64", "product": { "name": "perf-0:2.6.32-131.17.1.el6.ppc64", "product_id": "perf-0:2.6.32-131.17.1.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@2.6.32-131.17.1.el6?arch=ppc64" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "product": { "name": "kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "product_id": "kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64@2.6.32-131.17.1.el6?arch=ppc64" } } } ], "category": "architecture", "name": "ppc64" }, { "branches": [ { "category": "product_version", "name": "kernel-headers-0:2.6.32-131.17.1.el6.i686", "product": { "name": "kernel-headers-0:2.6.32-131.17.1.el6.i686", "product_id": "kernel-headers-0:2.6.32-131.17.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@2.6.32-131.17.1.el6?arch=i686" } } }, { "category": "product_version", "name": "kernel-devel-0:2.6.32-131.17.1.el6.i686", "product": { "name": "kernel-devel-0:2.6.32-131.17.1.el6.i686", "product_id": "kernel-devel-0:2.6.32-131.17.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@2.6.32-131.17.1.el6?arch=i686" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "product": { "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "product_id": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.32-131.17.1.el6?arch=i686" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "product": { "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "product_id": "kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.32-131.17.1.el6?arch=i686" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "product": { "name": "kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "product_id": "kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-i686@2.6.32-131.17.1.el6?arch=i686" } } }, { "category": "product_version", "name": "kernel-debug-0:2.6.32-131.17.1.el6.i686", "product": { "name": "kernel-debug-0:2.6.32-131.17.1.el6.i686", "product_id": "kernel-debug-0:2.6.32-131.17.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@2.6.32-131.17.1.el6?arch=i686" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "product": { "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "product_id": "kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.32-131.17.1.el6?arch=i686" } } }, { "category": "product_version", "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "product": { "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "product_id": "perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@2.6.32-131.17.1.el6?arch=i686" } } }, { "category": "product_version", "name": "kernel-0:2.6.32-131.17.1.el6.i686", "product": { "name": "kernel-0:2.6.32-131.17.1.el6.i686", "product_id": "kernel-0:2.6.32-131.17.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@2.6.32-131.17.1.el6?arch=i686" } } }, { "category": "product_version", "name": "perf-0:2.6.32-131.17.1.el6.i686", "product": { "name": "perf-0:2.6.32-131.17.1.el6.i686", "product_id": "perf-0:2.6.32-131.17.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@2.6.32-131.17.1.el6?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "kernel-headers-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "kernel-headers-0:2.6.32-131.17.1.el6.s390x", "product_id": "kernel-headers-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "kernel-devel-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "kernel-devel-0:2.6.32-131.17.1.el6.s390x", "product_id": "kernel-devel-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product_id": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product_id": "kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-kdump-debuginfo@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "product_id": "kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-kdump@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product_id": "kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "kernel-debug-0:2.6.32-131.17.1.el6.s390x", "product_id": "kernel-debug-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "product_id": "kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product_id": "perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "kernel-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "kernel-0:2.6.32-131.17.1.el6.s390x", "product_id": "kernel-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "product_id": "kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-kdump-devel@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "perf-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "perf-0:2.6.32-131.17.1.el6.s390x", "product_id": "perf-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@2.6.32-131.17.1.el6?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "product": { "name": "kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "product_id": "kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-s390x@2.6.32-131.17.1.el6?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "product": { "name": "kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "product_id": "kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@2.6.32-131.17.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "product": { "name": "kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "product_id": "kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@2.6.32-131.17.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "product": { "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "product_id": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.32-131.17.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "product": { "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "product_id": "kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.32-131.17.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "product": { "name": "kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "product_id": "kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@2.6.32-131.17.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "product": { "name": "kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "product_id": "kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@2.6.32-131.17.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "product": { "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "product_id": "kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.32-131.17.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "product": { "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "product_id": "perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@2.6.32-131.17.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-0:2.6.32-131.17.1.el6.x86_64", "product": { "name": "kernel-0:2.6.32-131.17.1.el6.x86_64", "product_id": "kernel-0:2.6.32-131.17.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@2.6.32-131.17.1.el6?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:2.6.32-131.17.1.el6.x86_64", "product": { "name": "perf-0:2.6.32-131.17.1.el6.x86_64", "product_id": "perf-0:2.6.32-131.17.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@2.6.32-131.17.1.el6?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "product": { "name": "kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "product_id": "kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-firmware@2.6.32-131.17.1.el6?arch=noarch" } } }, { "category": "product_version", "name": "kernel-doc-0:2.6.32-131.17.1.el6.noarch", "product": { "name": "kernel-doc-0:2.6.32-131.17.1.el6.noarch", "product_id": "kernel-doc-0:2.6.32-131.17.1.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-doc@2.6.32-131.17.1.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "kernel-0:2.6.32-131.17.1.el6.src", "product": { "name": "kernel-0:2.6.32-131.17.1.el6.src", "product_id": "kernel-0:2.6.32-131.17.1.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@2.6.32-131.17.1.el6?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-0:2.6.32-131.17.1.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686" }, "product_reference": "kernel-0:2.6.32-131.17.1.el6.i686", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:2.6.32-131.17.1.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64" }, "product_reference": "kernel-0:2.6.32-131.17.1.el6.ppc64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "kernel-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:2.6.32-131.17.1.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src" }, "product_reference": "kernel-0:2.6.32-131.17.1.el6.src", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:2.6.32-131.17.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64" }, "product_reference": "kernel-0:2.6.32-131.17.1.el6.x86_64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64" }, "product_reference": "kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:2.6.32-131.17.1.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686" }, "product_reference": "kernel-debug-0:2.6.32-131.17.1.el6.i686", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:2.6.32-131.17.1.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64" }, "product_reference": "kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "kernel-debug-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:2.6.32-131.17.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64" }, "product_reference": "kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686" }, "product_reference": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64" }, "product_reference": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64" }, "product_reference": "kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686" }, "product_reference": "kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64" }, "product_reference": "kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64" }, "product_reference": "kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686" }, "product_reference": "kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64" }, "product_reference": "kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64" }, "product_reference": "kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686" }, "product_reference": "kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64" }, "product_reference": "kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64" }, "product_reference": "kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:2.6.32-131.17.1.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686" }, "product_reference": "kernel-devel-0:2.6.32-131.17.1.el6.i686", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:2.6.32-131.17.1.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64" }, "product_reference": "kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "kernel-devel-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:2.6.32-131.17.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64" }, "product_reference": "kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-doc-0:2.6.32-131.17.1.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch" }, "product_reference": "kernel-doc-0:2.6.32-131.17.1.el6.noarch", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-firmware-0:2.6.32-131.17.1.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch" }, "product_reference": "kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:2.6.32-131.17.1.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686" }, "product_reference": "kernel-headers-0:2.6.32-131.17.1.el6.i686", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:2.6.32-131.17.1.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64" }, "product_reference": "kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "kernel-headers-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:2.6.32-131.17.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64" }, "product_reference": "kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-kdump-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:2.6.32-131.17.1.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686" }, "product_reference": "perf-0:2.6.32-131.17.1.el6.i686", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:2.6.32-131.17.1.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64" }, "product_reference": "perf-0:2.6.32-131.17.1.el6.ppc64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "perf-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:2.6.32-131.17.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64" }, "product_reference": "perf-0:2.6.32-131.17.1.el6.x86_64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686" }, "product_reference": "perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64" }, "product_reference": "perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.s390x as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x" }, "product_reference": "perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "relates_to_product_reference": "6Server-6.1.z" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" }, "product_reference": "perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "relates_to_product_reference": "6Server-6.1.z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Peter Huewe" ] } ], "cve": "CVE-2011-1160", "discovery_date": "2011-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "684671" } ], "notes": [ { "category": "description", "text": "The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tpm infoleaks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1160" }, { "category": "external", "summary": "RHBZ#684671", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=684671" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1160", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1160" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1160", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1160" } ], "release_date": "2011-03-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-10-05T21:37:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2011:1350" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: tpm infoleaks" }, { "acknowledgments": [ { "names": [ "Vasiliy Kulikov" ], "organization": "Openwall" } ], "cve": "CVE-2011-1745", "discovery_date": "2011-04-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "698996" } ], "notes": [ { "category": "description", "text": "Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of Linux kernel as shipped with Red Hat\nEnterprise 4, 5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0927.html, https://rhn.redhat.com/errata/RHSA-2011-1350.html, and https://rhn.redhat.com/errata/RHSA-2011-1253.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1745" }, { "category": "external", "summary": "RHBZ#698996", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=698996" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1745", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1745" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1745", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1745" } ], "release_date": "2011-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-10-05T21:37:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2011:1350" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls" }, { "acknowledgments": [ { "names": [ "Vasiliy Kulikov" ], "organization": "Openwall" } ], "cve": "CVE-2011-1746", "discovery_date": "2011-04-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "698998" } ], "notes": [ { "category": "description", "text": "Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: agp: insufficient page_count parameter checking in agp_allocate_memory()", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of Linux kernel as shipped with Red Hat Enterprise 4, 5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0927.html, https://rhn.redhat.com/errata/RHSA-2011-1350.html, and https://rhn.redhat.com/errata/RHSA-2011-1253.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1746" }, { "category": "external", "summary": "RHBZ#698998", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=698998" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1746", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1746" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1746", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1746" } ], "release_date": "2011-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-10-05T21:37:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2011:1350" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: agp: insufficient page_count parameter checking in agp_allocate_memory()" }, { "acknowledgments": [ { "names": [ "Ubuntu Security Team" ] } ], "cve": "CVE-2011-1833", "cwe": { "id": "CWE-367", "name": "Time-of-check Time-of-use (TOCTOU) Race Condition" }, "discovery_date": "2011-08-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "731172" } ], "notes": [ { "category": "description", "text": "Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ecryptfs: mount source TOCTOU race", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-1833" }, { "category": "external", "summary": "RHBZ#731172", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=731172" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1833", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1833" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1833", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1833" } ], "release_date": "2011-08-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-10-05T21:37:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2011:1350" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: ecryptfs: mount source TOCTOU race" }, { "acknowledgments": [ { "names": [ "Vasiliy Kulikov" ], "organization": "Openwall" } ], "cve": "CVE-2011-2022", "discovery_date": "2011-04-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "698996" } ], "notes": [ { "category": "description", "text": "The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of Linux kernel as shipped with Red Hat\nEnterprise 4, 5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0927.html, https://rhn.redhat.com/errata/RHSA-2011-1350.html, and https://rhn.redhat.com/errata/RHSA-2011-1253.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-2022" }, { "category": "external", "summary": "RHBZ#698996", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=698996" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-2022", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2022" } ], "release_date": "2011-04-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-10-05T21:37:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2011:1350" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "products": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls" }, { "acknowledgments": [ { "names": [ "Vasiliy Kulikov" ], "organization": "Openwall" } ], "cve": "CVE-2011-2484", "discovery_date": "2011-06-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "715436" } ], "notes": [ { "category": "description", "text": "The add_del_listener function in kernel/taskstats.c in the Linux kernel 2.6.39.1 and earlier does not prevent multiple registrations of exit handlers, which allows local users to cause a denial of service (memory and CPU consumption), and bypass the OOM Killer, via a crafted application.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: taskstats: duplicate entries in listener mode can lead to DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat\nEnterprise Linux 4 as it did not provide support for the Taskstats interface. This was fixed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1386.html, https://rhn.redhat.com/errata/RHSA-2011-1350.html and https://rhn.redhat.com/errata/RHSA-2011-1253.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-2484" }, { "category": "external", "summary": "RHBZ#715436", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=715436" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-2484", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2484" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2484", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2484" } ], "release_date": "2011-06-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-10-05T21:37:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2011:1350" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: taskstats: duplicate entries in listener mode can lead to DoS" }, { "acknowledgments": [ { "names": [ "Robert Swiecki" ] } ], "cve": "CVE-2011-2496", "discovery_date": "2011-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "716538" } ], "notes": [ { "category": "description", "text": "Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-2496" }, { "category": "external", "summary": "RHBZ#716538", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=716538" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-2496", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2496" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2496", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2496" } ], "release_date": "2011-04-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-10-05T21:37:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2011:1350" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: mm: avoid wrapping vm_pgoff in mremap() and stack expansions" }, { "acknowledgments": [ { "names": [ "Li Yu" ] } ], "cve": "CVE-2011-2521", "discovery_date": "2011-07-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "719228" } ], "notes": [ { "category": "description", "text": "The x86_assign_hw_event function in arch/x86/kernel/cpu/perf_event.c in the Performance Events subsystem in the Linux kernel before 2.6.39 does not properly calculate counter values, which allows local users to cause a denial of service (panic) via the perf program.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: perf, x86: fix Intel fixed counters base initialization", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG as they did not backport the upstream commit 41bf498 that introduced the issue. This has been addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2011-1350.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-2521" }, { "category": "external", "summary": "RHBZ#719228", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=719228" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-2521", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2521" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2521", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2521" } ], "release_date": "2011-03-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-10-05T21:37:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2011:1350" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: perf, x86: fix Intel fixed counters base initialization" }, { "acknowledgments": [ { "names": [ "Brent Meshier" ] } ], "cve": "CVE-2011-2723", "discovery_date": "2011-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "726552" } ], "notes": [ { "category": "description", "text": "The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: gro: only reset frag0 when skb can be pulled", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not backport the upstream commit a5b1cf28 that introduced this issue. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1386.html, https://rhn.redhat.com/errata/RHSA-2011-1350.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-2723" }, { "category": "external", "summary": "RHBZ#726552", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=726552" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-2723", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2723" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2723", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2723" }, { "category": "external", "summary": "http://git.kernel.org/linus/17dd759c67f21e34f2156abcf415e1f60605a188", "url": "http://git.kernel.org/linus/17dd759c67f21e34f2156abcf415e1f60605a188" } ], "release_date": "2011-07-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-10-05T21:37:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2011:1350" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 5.7, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: gro: only reset frag0 when skb can be pulled" }, { "cve": "CVE-2011-2898", "discovery_date": "2011-08-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "728023" } ], "notes": [ { "category": "description", "text": "net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: af_packet: infoleak", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport the upstream commit 393e52e3 that introduced this flaw. This has been addressed in Red Hat Enterprise Linux 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1350.html and https://rhn.redhat.com/errata/RHSA-2012-0010.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-2898" }, { "category": "external", "summary": "RHBZ#728023", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=728023" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-2898", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2898" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2898", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2898" } ], "release_date": "2011-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-10-05T21:37:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2011:1350" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: af_packet: infoleak" }, { "cve": "CVE-2011-2918", "discovery_date": "2011-07-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "730706" } ], "notes": [ { "category": "description", "text": "The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: perf: Fix software event overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect Red Hat Enterprise Linux 4 and 5 as they did not include support for perf. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1350.html and https://rhn.redhat.com/errata/RHSA-2012-0333.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2011-2918" }, { "category": "external", "summary": "RHBZ#730706", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=730706" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2011-2918", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2918" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2918", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2918" } ], "release_date": "2011-07-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2011-10-05T21:37:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2011:1350" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.src", "6Server-6.1.z:kernel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-bootwrapper-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debug-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-debuginfo-common-i686-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-debuginfo-common-ppc64-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-debuginfo-common-s390x-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-debuginfo-common-x86_64-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-devel-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-doc-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-firmware-0:2.6.32-131.17.1.el6.noarch", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-headers-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:kernel-kdump-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:kernel-kdump-devel-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-0:2.6.32-131.17.1.el6.x86_64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.i686", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.ppc64", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.s390x", "6Server-6.1.z:perf-debuginfo-0:2.6.32-131.17.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: perf: Fix software event overflow" } ] }
ghsa-4v9j-mhhp-7qmp
Vulnerability from github
Published
2022-05-13 01:24
Modified
2022-05-13 01:24
Severity ?
Details
The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.
{ "affected": [], "aliases": [ "CVE-2011-2918" ], "database_specific": { "cwe_ids": [ "CWE-400" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2012-05-24T23:55:00Z", "severity": "MODERATE" }, "details": "The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.", "id": "GHSA-4v9j-mhhp-7qmp", "modified": "2022-05-13T01:24:57Z", "published": "2022-05-13T01:24:57Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2918" }, { "type": "WEB", "url": "https://github.com/torvalds/linux/commit/a8b0ca17b80e92faab46ee7179ba9e99ccb61233" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=730706" }, { "type": "WEB", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8b0ca17b80e92faab46ee7179ba9e99ccb61233" }, { "type": "WEB", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a8b0ca17b80e92faab46ee7179ba9e99ccb61233" }, { "type": "WEB", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.1" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2011/08/16/1" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.