rhsa-2010_0041
Vulnerability from csaf_redhat
Published
2010-01-21 14:10
Modified
2024-11-22 03:26
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
Updated kernel-rt packages that fix multiple security issues and several
bugs are now available for Red Hat Enterprise MRG 1.2.
This update has been rated as having important security impact by the Red
Hat Security Response Team.
Details
The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
* an array index error was found in the gdth driver in the Linux kernel. A
local user could send a specially-crafted IOCTL request that would cause a
denial of service or, possibly, privilege escalation. (CVE-2009-3080,
Important)
* a flaw was found in the FUSE implementation in the Linux kernel. When a
system is low on memory, fuse_put_request() could dereference an invalid
pointer, possibly leading to a local denial of service or privilege
escalation. (CVE-2009-4021, Important)
* a flaw was found in each of the following Intel PRO/1000 Linux drivers in
the Linux kernel: e1000 and e1000e. A remote attacker using packets larger
than the MTU could bypass the existing fragment check, resulting in
partial, invalid frames being passed to the network stack. These flaws
could also possibly be used to trigger a remote denial of service.
(CVE-2009-4536, CVE-2009-4538, Important)
* a flaw was found in the Realtek r8169 Ethernet driver in the Linux
kernel. Receiving overly-long frames with a certain revision of the network
cards supported by this driver could possibly result in a remote denial of
service. (CVE-2009-4537, Important)
This update also fixes the following bugs:
* the "function tracer" from ftrace could eventually present problems when
a module was unloaded during a tracing session. Some of the related call
site entries for that module were not removed from ftrace's internal lists
and could lead to confusing "oops" error messages. The call site entries
are now removed correctly, and the errors no longer occur. (BZ#537472)
* when using the kernel in tickless (or NOHZ) mode, time was not
accumulated one tick at a time. This created latencies when the accumulated
interval grew large. Time is now accumulated logarithmically and latencies
related to tickless mode no longer occur. (BZ#538370)
* running the "cset set" command was resulting in unsafe access to a
structure that could be concurrently changed. This was eventually causing
the kernel to crash. The operations were repositioned so that they no
longer add locks, to minimize performance penalties. (BZ#541080)
* the function used to calculate system load called different functions to
count the tasks in running and interpretable states. On systems with a
large number of CPUs, this could result in several TLB and cache misses.
These functions have now been combined, and the problem has been
significantly reduced. (BZ#552860)
* when legacy PCI bus checks occurred, an off-by-one error would present.
Scanning 255 PCI buses is now allowed as 0xff is a valid bus, and the error
no longer occurs. (BZ#552874)
* on systems with 8 or more CPUs, an unnecessary anon_vma lock acquisition
in vma_adjust() was causing a decrease in throughput. Code from the
upstream kernel was backported, and the throughput decrease no longer
exists. (BZ#552876)
* the scheduler function double_lock_balance() favors logically lower CPUs.
This could cause logically higher CPUs to be starved if run queues were
under a lot of pressure, resulting in latencies. The algorithm has been
adjusted so that it is fairer, and logically higher CPUs no longer risk
being starved. (BZ#552877)
These updated packages also include other bug fixes. Users are directed to
the Red Hat Enterprise MRG 1.2 Release Notes for information on those
fixes, available shortly from:
http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/
Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated kernel-rt packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise MRG 1.2.\n\nThis update has been rated as having important security impact by the Red\nHat Security Response Team.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* an array index error was found in the gdth driver in the Linux kernel. A\nlocal user could send a specially-crafted IOCTL request that would cause a\ndenial of service or, possibly, privilege escalation. (CVE-2009-3080,\nImportant)\n\n* a flaw was found in the FUSE implementation in the Linux kernel. When a\nsystem is low on memory, fuse_put_request() could dereference an invalid\npointer, possibly leading to a local denial of service or privilege\nescalation. (CVE-2009-4021, Important)\n\n* a flaw was found in each of the following Intel PRO/1000 Linux drivers in\nthe Linux kernel: e1000 and e1000e. A remote attacker using packets larger\nthan the MTU could bypass the existing fragment check, resulting in\npartial, invalid frames being passed to the network stack. These flaws\ncould also possibly be used to trigger a remote denial of service.\n(CVE-2009-4536, CVE-2009-4538, Important)\n\n* a flaw was found in the Realtek r8169 Ethernet driver in the Linux\nkernel. Receiving overly-long frames with a certain revision of the network\ncards supported by this driver could possibly result in a remote denial of\nservice. (CVE-2009-4537, Important)\n\nThis update also fixes the following bugs:\n\n* the \"function tracer\" from ftrace could eventually present problems when\na module was unloaded during a tracing session. Some of the related call\nsite entries for that module were not removed from ftrace\u0027s internal lists\nand could lead to confusing \"oops\" error messages. The call site entries\nare now removed correctly, and the errors no longer occur. (BZ#537472)\n\n* when using the kernel in tickless (or NOHZ) mode, time was not\naccumulated one tick at a time. This created latencies when the accumulated\ninterval grew large. Time is now accumulated logarithmically and latencies\nrelated to tickless mode no longer occur. (BZ#538370)\n\n* running the \"cset set\" command was resulting in unsafe access to a\nstructure that could be concurrently changed. This was eventually causing\nthe kernel to crash. The operations were repositioned so that they no\nlonger add locks, to minimize performance penalties. (BZ#541080)\n\n* the function used to calculate system load called different functions to\ncount the tasks in running and interpretable states. On systems with a\nlarge number of CPUs, this could result in several TLB and cache misses.\nThese functions have now been combined, and the problem has been\nsignificantly reduced. (BZ#552860)\n\n* when legacy PCI bus checks occurred, an off-by-one error would present.\nScanning 255 PCI buses is now allowed as 0xff is a valid bus, and the error\nno longer occurs. (BZ#552874)\n\n* on systems with 8 or more CPUs, an unnecessary anon_vma lock acquisition\nin vma_adjust() was causing a decrease in throughput. Code from the\nupstream kernel was backported, and the throughput decrease no longer\nexists. (BZ#552876)\n\n* the scheduler function double_lock_balance() favors logically lower CPUs.\nThis could cause logically higher CPUs to be starved if run queues were\nunder a lot of pressure, resulting in latencies. The algorithm has been\nadjusted so that it is fairer, and logically higher CPUs no longer risk\nbeing starved. (BZ#552877)\n\nThese updated packages also include other bug fixes. Users are directed to\nthe Red Hat Enterprise MRG 1.2 Release Notes for information on those\nfixes, available shortly from:\n\nhttp://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2010:0041", "url": "https://access.redhat.com/errata/RHSA-2010:0041" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/", "url": "http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/" }, { "category": "external", "summary": "537472", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=537472" }, { "category": "external", "summary": "538734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=538734" }, { "category": "external", "summary": "539414", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539414" }, { "category": "external", "summary": "541080", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541080" }, { "category": "external", "summary": "550907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=550907" }, { "category": "external", "summary": "551214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=551214" }, { "category": "external", "summary": "552126", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=552126" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0041.json" } ], "title": "Red Hat Security Advisory: kernel-rt security and bug fix update", "tracking": { "current_release_date": "2024-11-22T03:26:51+00:00", "generator": { "date": "2024-11-22T03:26:51+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2010:0041", "initial_release_date": "2010-01-21T14:10:00+00:00", "revision_history": [ { "date": "2010-01-21T14:10:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2010-01-21T09:10:26+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T03:26:51+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "MRG Realtime for RHEL 5 Server", "product": { "name": "MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_mrg:1::el5" } } } ], "category": "product_family", "name": "Red Hat Enterprise MRG for RHEL-5" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-146.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "product": { "name": "kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "product_id": "kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-146.el5rt?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-146.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "product": { "name": "kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "product_id": "kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-146.el5rt?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "product": { "name": "kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "product_id": "kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-doc@2.6.24.7-146.el5rt?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:2.6.24.7-146.el5rt.src", "product": { "name": "kernel-rt-0:2.6.24.7-146.el5rt.src", "product_id": "kernel-rt-0:2.6.24.7-146.el5rt.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-146.el5rt?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:2.6.24.7-146.el5rt.src as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src" }, "product_reference": "kernel-rt-0:2.6.24.7-146.el5rt.src", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch" }, "product_reference": "kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686" }, "product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" }, "product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2009-3080", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2009-11-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "539414" } ], "notes": [ { "category": "description", "text": "Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: gdth: Prevent negative offsets in ioctl", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-3080" }, { "category": "external", "summary": "RHBZ#539414", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=539414" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-3080", "url": "https://www.cve.org/CVERecord?id=CVE-2009-3080" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3080", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3080" } ], "release_date": "2009-11-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-21T14:10:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0041" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: gdth: Prevent negative offsets in ioctl" }, { "cve": "CVE-2009-4021", "discovery_date": "2009-11-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "538734" } ], "notes": [ { "category": "description", "text": "The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: fuse: prevent fuse_put_request on invalid pointer", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/CVE-2009-4021\n\nThe Linux kernel packages as shipped with Red Hat Enterprise Linux 3 and 4 do not include support for FUSE, and therefore are not affected by this issue.\n\nA future kernel update for Red Hat Enterprise MRG will address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-4021" }, { "category": "external", "summary": "RHBZ#538734", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=538734" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-4021", "url": "https://www.cve.org/CVERecord?id=CVE-2009-4021" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-4021", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4021" } ], "release_date": "2009-10-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-21T14:10:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0041" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 4.6, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: fuse: prevent fuse_put_request on invalid pointer" }, { "cve": "CVE-2009-4536", "discovery_date": "2009-12-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "552126" } ], "notes": [ { "category": "description", "text": "drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1385.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: e1000 issue reported at 26c3", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-4536" }, { "category": "external", "summary": "RHBZ#552126", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=552126" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-4536", "url": "https://www.cve.org/CVERecord?id=CVE-2009-4536" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-4536", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4536" } ], "release_date": "2009-12-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-21T14:10:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0041" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: e1000 issue reported at 26c3" }, { "cve": "CVE-2009-4537", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2009-12-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "550907" } ], "notes": [ { "category": "description", "text": "drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via a packet with a crafted size, in conjunction with certain packets containing A characters and certain packets containing E characters; or (2) cause a denial of service (system crash) via a packet with a crafted size, in conjunction with certain packets containing \u0027\\0\u0027 characters, related to the value of the status register and erroneous behavior associated with the RxMaxSize register. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-1389.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: r8169 issue reported at 26c3", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-4537" }, { "category": "external", "summary": "RHBZ#550907", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=550907" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-4537", "url": "https://www.cve.org/CVERecord?id=CVE-2009-4537" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-4537", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4537" } ], "release_date": "2009-12-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-21T14:10:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0041" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: r8169 issue reported at 26c3" }, { "cve": "CVE-2009-4538", "discovery_date": "2009-12-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "551214" } ], "notes": [ { "category": "description", "text": "drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: e1000e frame fragment issue", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-4538" }, { "category": "external", "summary": "RHBZ#551214", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=551214" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-4538", "url": "https://www.cve.org/CVERecord?id=CVE-2009-4538" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-4538", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4538" } ], "release_date": "2009-12-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-01-21T14:10:00+00:00", "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0041" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-146.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-146.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-146.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: e1000e frame fragment issue" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.