rhsa-2009_1635
Vulnerability from csaf_redhat
Published
2009-12-03 11:27
Modified
2024-11-22 03:26
Summary
Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update
Notes
Topic
Updated kernel-rt packages that fix security issues, two bugs, and add two
enhancements are now available for Red Hat Enterprise MRG 1.2.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.
These updated packages fix the following security issues:
* a NULL pointer dereference flaw was found in the NFSv4 implementation in
the Linux kernel. Several of the NFSv4 file locking functions failed to
check whether a file had been opened on the server before performing
locking operations on it. A local user on a system with an NFSv4 share
mounted could possibly use this flaw to cause a denial of service or
escalate their privileges. (CVE-2009-3726, Important)
* permission issues were found in the megaraid_sas driver (for SAS based
RAID controllers) in the Linux kernel. The "dbg_lvl" and "poll_mode_io"
files on the sysfs file system ("/sys/") had world-writable permissions.
This could allow local, unprivileged users to change the behavior of the
driver. (CVE-2009-3889, CVE-2009-3939, Moderate)
These updated packages also fix the following bugs:
* a problem existed with the i5000_edac driver under some topologies. In
some cases, this driver failed to export memory devices via sysfs,
preventing the ibm-prtm service from starting. With this update, the memory
devices are accessible, allowing the ibm-prtm service to start, and
therefore perform SMI remediation as expected. (BZ#527421)
* the "/proc/sys/vm/mmap_min_addr" tunable helps prevent unprivileged
users from creating new memory mappings below the minimum address. The
sysctl value for mmap_min_addr could be changed by a process or user that
has an effective user ID (euid) of 0, even if the process or user does not
have the CAP_SYS_RAWIO capability. This update adds a capability check for
the CAP_SYS_RAWIO capability before allowing the mmap_min_addr value to be
changed. (BZ#534019)
As well, these updated packages add the following enhancements:
* the Intel ixgbe driver was updated to upstream version 2.0.16-k2.
(BZ#537505)
* the InfiniBand OFED driver was updated to upstream version 1.4.1.
(BZ#537500)
Users should upgrade to these updated packages, which contain backported
patches to correct these issues and add these enhancements. The system must
be rebooted for this update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated kernel-rt packages that fix security issues, two bugs, and add two\nenhancements are now available for Red Hat Enterprise MRG 1.2.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated packages fix the following security issues:\n\n* a NULL pointer dereference flaw was found in the NFSv4 implementation in\nthe Linux kernel. Several of the NFSv4 file locking functions failed to\ncheck whether a file had been opened on the server before performing\nlocking operations on it. A local user on a system with an NFSv4 share\nmounted could possibly use this flaw to cause a denial of service or\nescalate their privileges. (CVE-2009-3726, Important)\n\n* permission issues were found in the megaraid_sas driver (for SAS based\nRAID controllers) in the Linux kernel. The \"dbg_lvl\" and \"poll_mode_io\"\nfiles on the sysfs file system (\"/sys/\") had world-writable permissions.\nThis could allow local, unprivileged users to change the behavior of the\ndriver. (CVE-2009-3889, CVE-2009-3939, Moderate)\n\nThese updated packages also fix the following bugs:\n\n* a problem existed with the i5000_edac driver under some topologies. In\nsome cases, this driver failed to export memory devices via sysfs,\npreventing the ibm-prtm service from starting. With this update, the memory\ndevices are accessible, allowing the ibm-prtm service to start, and\ntherefore perform SMI remediation as expected. (BZ#527421)\n\n* the \"/proc/sys/vm/mmap_min_addr\" tunable helps prevent unprivileged\nusers from creating new memory mappings below the minimum address. The\nsysctl value for mmap_min_addr could be changed by a process or user that\nhas an effective user ID (euid) of 0, even if the process or user does not\nhave the CAP_SYS_RAWIO capability. This update adds a capability check for\nthe CAP_SYS_RAWIO capability before allowing the mmap_min_addr value to be\nchanged. (BZ#534019)\n\nAs well, these updated packages add the following enhancements:\n\n* the Intel ixgbe driver was updated to upstream version 2.0.16-k2.\n(BZ#537505)\n\n* the InfiniBand OFED driver was updated to upstream version 1.4.1.\n(BZ#537500)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add these enhancements. The system must\nbe rebooted for this update to take effect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1635",
"url": "https://access.redhat.com/errata/RHSA-2009:1635"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "526068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526068"
},
{
"category": "external",
"summary": "527421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=527421"
},
{
"category": "external",
"summary": "529227",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529227"
},
{
"category": "external",
"summary": "534019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=534019"
},
{
"category": "external",
"summary": "537500",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=537500"
},
{
"category": "external",
"summary": "537505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=537505"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1635.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T03:26:07+00:00",
"generator": {
"date": "2024-11-22T03:26:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2009:1635",
"initial_release_date": "2009-12-03T11:27:00+00:00",
"revision_history": [
{
"date": "2009-12-03T11:27:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-12-03T06:27:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T03:26:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "MRG Realtime for RHEL 5 Server",
"product": {
"name": "MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:1::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise MRG for RHEL-5"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-139.el5rt?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-139.el5rt.i686",
"product": {
"name": "kernel-rt-0:2.6.24.7-139.el5rt.i686",
"product_id": "kernel-rt-0:2.6.24.7-139.el5rt.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-139.el5rt?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-139.el5rt?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"product": {
"name": "kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"product_id": "kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-139.el5rt?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"product": {
"name": "kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"product_id": "kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@2.6.24.7-139.el5rt?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:2.6.24.7-139.el5rt.src",
"product": {
"name": "kernel-rt-0:2.6.24.7-139.el5rt.src",
"product_id": "kernel-rt-0:2.6.24.7-139.el5rt.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-139.el5rt?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-139.el5rt.src as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.src"
},
"product_reference": "kernel-rt-0:2.6.24.7-139.el5rt.src",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch"
},
"product_reference": "kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686"
},
"product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server",
"product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64"
},
"product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64",
"relates_to_product_reference": "5Server-MRG-Realtime-1.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Simon Vallet"
]
}
],
"cve": "CVE-2009-3726",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2009-11-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "529227"
}
],
"notes": [
{
"category": "description",
"text": "The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: nfsv4: kernel panic in nfs4_proc_lock()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Linux kernel as shipped with Red Hat Enterprise Linux 3 did not have support for NFSv4, and therefore is not affected by this issue. It was addressed in Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2010-0474.html, https://rhn.redhat.com/errata/RHSA-2009-1670.html and https://rhn.redhat.com/errata/RHSA-2009-1635.html respectively.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3726"
},
{
"category": "external",
"summary": "RHBZ#529227",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529227"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3726",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3726"
}
],
"release_date": "2008-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-12-03T11:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1635"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: nfsv4: kernel panic in nfs4_proc_lock()"
},
{
"cve": "CVE-2009-3889",
"discovery_date": "2009-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "526068"
}
],
"notes": [
{
"category": "description",
"text": "The dbg_lvl file for the megaraid_sas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the (1) behavior and (2) logging level of the driver by modifying this file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: megaraid_sas permissions in sysfs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise Linux 3, as it does not implement the sysfs file system (\"/sys/\"), through which dbg_lvl file is exposed by the megaraid_sas driver.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3889"
},
{
"category": "external",
"summary": "RHBZ#526068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526068"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3889",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3889"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3889",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3889"
}
],
"release_date": "2009-09-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-12-03T11:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1635"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: megaraid_sas permissions in sysfs"
},
{
"cve": "CVE-2009-3939",
"discovery_date": "2009-11-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "526068"
}
],
"notes": [
{
"category": "description",
"text": "The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: megaraid_sas permissions in sysfs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise Linux 3, as it does not implement the sysfs file system (\"/sys/\"), through which poll_mode_io file is exposed by the megaraid_sas driver.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3939"
},
{
"category": "external",
"summary": "RHBZ#526068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=526068"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3939",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3939"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3939",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3939"
}
],
"release_date": "2009-09-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-12-03T11:27:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1635"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.src",
"5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-139.el5rt.noarch",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-139.el5rt.x86_64",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.i686",
"5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-139.el5rt.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: megaraid_sas permissions in sysfs"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.