rhsa-2010_0631
Vulnerability from csaf_redhat
Published
2010-08-17 15:52
Modified
2024-11-22 03:38
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
Updated kernel-rt packages that fix multiple security issues and several
bugs are now available for Red Hat Enterprise MRG 1.2.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
[Updated 18 August 2010]
The CVE-2010-2240 description has been updated to reflect that the issue
affects both 32-bit and 64-bit systems. No changes have been made to the
packages.
Details
These packages contain the Linux kernel, the core of any Linux operating
system.
Security fixes:
* unsafe sprintf() use in the Bluetooth implementation. Creating a large
number of Bluetooth L2CAP, SCO, or RFCOMM sockets could result in arbitrary
memory pages being overwritten, allowing a local, unprivileged user to
cause a denial of service or escalate their privileges. (CVE-2010-1084,
Important)
* a flaw in the Unidirectional Lightweight Encapsulation implementation,
allowing a remote attacker to send a specially-crafted ISO MPEG-2 Transport
Stream frame to a target system, resulting in a denial of service.
(CVE-2010-1086, Important)
* NULL pointer dereference in nfs_wb_page_cancel(), allowing a local user
on a system that has an NFS-mounted file system to cause a denial of
service or escalate their privileges on that system. (CVE-2010-1087,
Important)
* flaw in sctp_process_unk_param(), allowing a remote attacker to send a
specially-crafted SCTP packet to an SCTP listening port on a target system,
causing a denial of service. (CVE-2010-1173, Important)
* race condition between finding a keyring by name and destroying a freed
keyring in the key management facility, allowing a local, unprivileged
user to cause a denial of service or escalate their privileges.
(CVE-2010-1437, Important)
* systems using the kernel NFS server to export a shared memory file system
and that have the sysctl overcommit_memory variable set to never overcommit
(a value of 2; by default, it is set to 0), may experience a NULL pointer
dereference, allowing a local, unprivileged user to cause a denial of
service or escalate their privileges. (CVE-2008-7256, CVE-2010-1643,
Important)
* when an application has a stack overflow, the stack could silently
overwrite another memory mapped area instead of a segmentation fault
occurring, which could cause an application to execute arbitrary code.
(CVE-2010-2240, Important)
* flaw in CIFSSMBWrite() could allow a remote attacker to send a
specially-crafted SMB response packet to a target CIFS client, resulting in
a denial of service. (CVE-2010-2248, Important)
* buffer overflow flaws in the kernel's implementation of the server-side
XDR for NFSv4 could allow an attacker on the local network to send a
specially-crafted large compound request to the NFSv4 server, possibly
resulting in a denial of service or code execution. (CVE-2010-2521,
Important)
* NULL pointer dereference in the firewire-ohci driver used for OHCI
compliant IEEE 1394 controllers could allow a local, unprivileged user with
access to /dev/fw* files to issue certain IOCTL calls, causing a denial of
service or privilege escalation. The FireWire modules are blacklisted by
default. If enabled, only root has access to the files noted above by
default. (CVE-2009-4138, Moderate)
* flaw in the link_path_walk() function. Using the file descriptor
returned by open() with the O_NOFOLLOW flag on a subordinate NFS-mounted
file system, could result in a NULL pointer dereference, causing a denial
of service or privilege escalation. (CVE-2010-1088, Moderate)
* memory leak in release_one_tty() could allow a local, unprivileged user
to cause a denial of service. (CVE-2010-1162, Moderate)
* information leak in the USB implementation. Certain USB errors could
result in an uninitialized kernel buffer being sent to user-space. An
attacker with physical access to a target system could use this flaw to
cause an information leak. (CVE-2010-1083, Low)
Red Hat would like to thank Neil Brown for reporting CVE-2010-1084; Ang Way
Chuang for reporting CVE-2010-1086; Jukka Taimisto and Olli Jarva of
Codenomicon Ltd, Nokia Siemens Networks, and Wind River on behalf of their
customer, for responsibly reporting CVE-2010-1173; the X.Org security team
for reporting CVE-2010-2240, with upstream acknowledging Rafal Wojtczuk as
the original reporter; and Marcus Meissner for reporting CVE-2010-1083.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated kernel-rt packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise MRG 1.2.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\n[Updated 18 August 2010]\nThe CVE-2010-2240 description has been updated to reflect that the issue\naffects both 32-bit and 64-bit systems. No changes have been made to the\npackages.", "title": "Topic" }, { "category": "general", "text": "These packages contain the Linux kernel, the core of any Linux operating\nsystem.\n\nSecurity fixes:\n\n* unsafe sprintf() use in the Bluetooth implementation. Creating a large\nnumber of Bluetooth L2CAP, SCO, or RFCOMM sockets could result in arbitrary\nmemory pages being overwritten, allowing a local, unprivileged user to\ncause a denial of service or escalate their privileges. (CVE-2010-1084,\nImportant)\n\n* a flaw in the Unidirectional Lightweight Encapsulation implementation,\nallowing a remote attacker to send a specially-crafted ISO MPEG-2 Transport\nStream frame to a target system, resulting in a denial of service.\n(CVE-2010-1086, Important)\n\n* NULL pointer dereference in nfs_wb_page_cancel(), allowing a local user\non a system that has an NFS-mounted file system to cause a denial of\nservice or escalate their privileges on that system. (CVE-2010-1087,\nImportant)\n\n* flaw in sctp_process_unk_param(), allowing a remote attacker to send a\nspecially-crafted SCTP packet to an SCTP listening port on a target system,\ncausing a denial of service. (CVE-2010-1173, Important)\n\n* race condition between finding a keyring by name and destroying a freed\nkeyring in the key management facility, allowing a local, unprivileged\nuser to cause a denial of service or escalate their privileges.\n(CVE-2010-1437, Important)\n\n* systems using the kernel NFS server to export a shared memory file system\nand that have the sysctl overcommit_memory variable set to never overcommit\n(a value of 2; by default, it is set to 0), may experience a NULL pointer\ndereference, allowing a local, unprivileged user to cause a denial of\nservice or escalate their privileges. (CVE-2008-7256, CVE-2010-1643,\nImportant)\n\n* when an application has a stack overflow, the stack could silently\noverwrite another memory mapped area instead of a segmentation fault\noccurring, which could cause an application to execute arbitrary code.\n(CVE-2010-2240, Important)\n\n* flaw in CIFSSMBWrite() could allow a remote attacker to send a\nspecially-crafted SMB response packet to a target CIFS client, resulting in\na denial of service. (CVE-2010-2248, Important)\n\n* buffer overflow flaws in the kernel\u0027s implementation of the server-side\nXDR for NFSv4 could allow an attacker on the local network to send a\nspecially-crafted large compound request to the NFSv4 server, possibly\nresulting in a denial of service or code execution. (CVE-2010-2521,\nImportant)\n\n* NULL pointer dereference in the firewire-ohci driver used for OHCI\ncompliant IEEE 1394 controllers could allow a local, unprivileged user with\naccess to /dev/fw* files to issue certain IOCTL calls, causing a denial of\nservice or privilege escalation. The FireWire modules are blacklisted by\ndefault. If enabled, only root has access to the files noted above by\ndefault. (CVE-2009-4138, Moderate)\n\n* flaw in the link_path_walk() function. Using the file descriptor\nreturned by open() with the O_NOFOLLOW flag on a subordinate NFS-mounted\nfile system, could result in a NULL pointer dereference, causing a denial\nof service or privilege escalation. (CVE-2010-1088, Moderate)\n\n* memory leak in release_one_tty() could allow a local, unprivileged user\nto cause a denial of service. (CVE-2010-1162, Moderate)\n\n* information leak in the USB implementation. Certain USB errors could\nresult in an uninitialized kernel buffer being sent to user-space. An\nattacker with physical access to a target system could use this flaw to\ncause an information leak. (CVE-2010-1083, Low)\n\nRed Hat would like to thank Neil Brown for reporting CVE-2010-1084; Ang Way\nChuang for reporting CVE-2010-1086; Jukka Taimisto and Olli Jarva of\nCodenomicon Ltd, Nokia Siemens Networks, and Wind River on behalf of their\ncustomer, for responsibly reporting CVE-2010-1173; the X.Org security team\nfor reporting CVE-2010-2240, with upstream acknowledging Rafal Wojtczuk as\nthe original reporter; and Marcus Meissner for reporting CVE-2010-1083.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2010:0631", "url": "https://access.redhat.com/errata/RHSA-2010:0631" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "http://www.redhat.com/docs/en-US/errata/RHSA-2010-0631/Kernel_Security_Update/index.html", "url": "http://www.redhat.com/docs/en-US/errata/RHSA-2010-0631/Kernel_Security_Update/index.html" }, { "category": "external", "summary": "https://access.redhat.com/kb/docs/DOC-31052", "url": "https://access.redhat.com/kb/docs/DOC-31052" }, { "category": "external", "summary": "547236", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547236" }, { "category": "external", "summary": "555671", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=555671" }, { "category": "external", "summary": "562075", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=562075" }, { "category": "external", "summary": "566624", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=566624" }, { "category": "external", "summary": "567184", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=567184" }, { "category": "external", "summary": "567813", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=567813" }, { "category": "external", "summary": "569237", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=569237" }, { "category": "external", "summary": "576018", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=576018" }, { "category": "external", "summary": "582076", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=582076" }, { "category": "external", "summary": "584645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=584645" }, { "category": "external", "summary": "585094", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=585094" }, { "category": "external", "summary": "594630", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=594630" }, { "category": "external", "summary": "595970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=595970" }, { "category": "external", "summary": "601210", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=601210" }, { "category": "external", "summary": "606611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=606611" }, { "category": "external", "summary": "608583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608583" }, { "category": "external", "summary": "612028", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=612028" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhsa-2010_0631.json" } ], "title": "Red Hat Security Advisory: kernel-rt security and bug fix update", "tracking": { "current_release_date": "2024-11-22T03:38:20+00:00", "generator": { "date": "2024-11-22T03:38:20+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2010:0631", "initial_release_date": "2010-08-17T15:52:00+00:00", "revision_history": [ { "date": "2010-08-17T15:52:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2010-08-18T03:58:39+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T03:38:20+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "MRG Realtime for RHEL 5 Server", "product": { "name": "MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_mrg:1::el5" } } } ], "category": "product_family", "name": "Red Hat Enterprise MRG for RHEL-5" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-161.el5rt?arch=i686" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "product": { "name": "kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "product_id": "kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-161.el5rt?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common@2.6.24.7-161.el5rt?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "product": { "name": "kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "product_id": "kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@2.6.24.7-161.el5rt?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "product": { "name": "kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "product_id": "kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-firmware@2.6.24.7-161.el5rt?arch=noarch" } } }, { "category": "product_version", "name": "kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "product": { "name": "kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "product_id": "kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-doc@2.6.24.7-161.el5rt?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:2.6.24.7-161.el5rt.src", "product": { "name": "kernel-rt-0:2.6.24.7-161.el5rt.src", "product_id": "kernel-rt-0:2.6.24.7-161.el5rt.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@2.6.24.7-161.el5rt?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:2.6.24.7-161.el5rt.src as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src" }, "product_reference": "kernel-rt-0:2.6.24.7-161.el5rt.src", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch" }, "product_reference": "kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch" }, "product_reference": "kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686" }, "product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64 as a component of MRG Realtime for RHEL 5 Server", "product_id": "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" }, "product_reference": "kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64", "relates_to_product_reference": "5Server-MRG-Realtime-1.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2008-7256", "discovery_date": "2010-05-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "595970" } ], "notes": [ { "category": "description", "text": "mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1643.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: nfsd: fix vm overcommit crash", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and 5 as they did not include nfs-export support for tmpfs. A future kernel update in Red Hat Enterprise MRG will address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2008-7256" }, { "category": "external", "summary": "RHBZ#595970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=595970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2008-7256", "url": "https://www.cve.org/CVERecord?id=CVE-2008-7256" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-7256", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-7256" } ], "release_date": "2008-10-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: nfsd: fix vm overcommit crash" }, { "cve": "CVE-2009-4138", "discovery_date": "2009-12-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "547236" } ], "notes": [ { "category": "description", "text": "drivers/firewire/ohci.c in the Linux kernel before 2.6.32-git9, when packet-per-buffer mode is used, allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unknown other impact via an unspecified ioctl associated with receiving an ISO packet that contains zero in the payload-length field.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: firewire: ohci: handle receive packets with a data length of zero", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/CVE-2009-4138\n\nThe Linux kernel packages as shipped with Red Hat Enterprise Linux 3 and 4 have a different (and older) implementation of the driver for OHCI 1394 controllers, which is not affected by this issue.\n\nA future kernel update for Red Hat Enterprise MRG will address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2009-4138" }, { "category": "external", "summary": "RHBZ#547236", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547236" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2009-4138", "url": "https://www.cve.org/CVERecord?id=CVE-2009-4138" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-4138", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-4138" } ], "release_date": "2009-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: firewire: ohci: handle receive packets with a data length of zero" }, { "acknowledgments": [ { "names": [ "Marcus Meissner" ] } ], "cve": "CVE-2010-1083", "discovery_date": "2010-02-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "566624" } ], "notes": [ { "category": "description", "text": "The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: information leak via userspace USB interface", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue has been rated as having low security impact.\n\nA future update in Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG may address this flaw. This issue is not planned to be fixed in Red Hat Enterprise Linux 3, due to this product being in Production 3 of its maintenance life-cycle, where only qualified security errata of important or critical impact are addressed.\n\nFor further information about Errata Support Policy, visit: https://access.redhat.com/support/policy/updates/errata/", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-1083" }, { "category": "external", "summary": "RHBZ#566624", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=566624" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-1083", "url": "https://www.cve.org/CVERecord?id=CVE-2010-1083" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1083", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1083" } ], "release_date": "2010-02-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: information leak via userspace USB interface" }, { "acknowledgments": [ { "names": [ "Neil Brown" ] } ], "cve": "CVE-2010-1084", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2010-03-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "576018" } ], "notes": [ { "category": "description", "text": "Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service (memory corruption) via a large number of Bluetooth sockets, related to the size of sysfs files in (1) net/bluetooth/l2cap.c, (2) net/bluetooth/rfcomm/core.c, (3) net/bluetooth/rfcomm/sock.c, and (4) net/bluetooth/sco.c.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: bluetooth: potential bad memory access with sysfs files", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise 3 and 4, as it did not use sysfs files. A future update in Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-1084" }, { "category": "external", "summary": "RHBZ#576018", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=576018" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-1084", "url": "https://www.cve.org/CVERecord?id=CVE-2010-1084" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1084", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1084" } ], "release_date": "2010-03-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: bluetooth: potential bad memory access with sysfs files" }, { "acknowledgments": [ { "names": [ "Ang Way Chuang" ] } ], "cve": "CVE-2010-1086", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2010-03-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "569237" } ], "notes": [ { "category": "description", "text": "The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: dvb-core: DoS bug in ULE decapsulation code", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise Linux 3 as it did not include support for ULE (Unidirectional Lightweight Encapsulation). We have included a fix for this issue in Red Hat Enterprise Linux 4 and 5 however the affected module is not build by default.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-1086" }, { "category": "external", "summary": "RHBZ#569237", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=569237" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-1086", "url": "https://www.cve.org/CVERecord?id=CVE-2010-1086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1086" } ], "release_date": "2010-02-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: dvb-core: DoS bug in ULE decapsulation code" }, { "cve": "CVE-2010-1087", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2010-02-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "567184" } ], "notes": [ { "category": "description", "text": "The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allows attackers to cause a denial of service (Oops) via unknown vectors related to truncating a file and an operation that is not interruptible.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NFS: Fix an Oops when truncating a file", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3 and 4 as they did not include the upstream commit 150030b7 that had introduced the problem. A future update in Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-1087" }, { "category": "external", "summary": "RHBZ#567184", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=567184" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-1087", "url": "https://www.cve.org/CVERecord?id=CVE-2010-1087" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1087", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1087" } ], "release_date": "2010-02-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: NFS: Fix an Oops when truncating a file" }, { "cve": "CVE-2010-1088", "discovery_date": "2010-02-24T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "567813" } ], "notes": [ { "category": "description", "text": "fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount \"symlinks,\" which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: fix LOOKUP_FOLLOW on automount \"symlinks\"", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3 and 4 as this issue only affects kernel version 2.6.18 and onwards. A future update in Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-1088" }, { "category": "external", "summary": "RHBZ#567813", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=567813" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-1088", "url": "https://www.cve.org/CVERecord?id=CVE-2010-1088" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1088", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1088" } ], "release_date": "2010-02-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: fix LOOKUP_FOLLOW on automount \"symlinks\"" }, { "cve": "CVE-2010-1162", "discovery_date": "2010-04-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "582076" } ], "notes": [ { "category": "description", "text": "The release_one_tty function in drivers/char/tty_io.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the put_pid function, which has unspecified impact and local attack vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: tty: release_one_tty() forgets to put pids", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and 5 as they did not include upstream commit ab521dc0 that introduced the problem. This issue was addressed in Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2010-0631.html.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-1162" }, { "category": "external", "summary": "RHBZ#582076", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=582076" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-1162", "url": "https://www.cve.org/CVERecord?id=CVE-2010-1162" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1162", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1162" } ], "release_date": "2010-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: tty: release_one_tty() forgets to put pids" }, { "acknowledgments": [ { "names": [ "Wind River", "Nokia Siemens Networks" ] }, { "names": [ "Olli Jarva", "Jukka Taimisto" ], "organization": "Codenomicon Ltd" } ], "cve": "CVE-2010-1173", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2010-04-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "584645" } ], "notes": [ { "category": "description", "text": "The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: sctp: crash due to malformed SCTPChunkInit packet", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat is aware of this issue and is tracking it via the following bug:\nhttps://bugzilla.redhat.com/CVE-2010-1173.\n\nThis issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 3 as it did not include support for SCTP. Future kernel updates in Red Hat Enterprise Linux 4, 5 and Red Hat Enterprise MRG may address this flaw.\n\nFor more information, please see http://kbase.redhat.com/faq/docs/DOC-31052.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-1173" }, { "category": "external", "summary": "RHBZ#584645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=584645" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-1173", "url": "https://www.cve.org/CVERecord?id=CVE-2010-1173" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1173", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1173" } ], "release_date": "2010-04-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: sctp: crash due to malformed SCTPChunkInit packet" }, { "cve": "CVE-2010-1437", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2010-04-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "585094" } ], "notes": [ { "category": "description", "text": "Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: keyrings: find_keyring_by_name() can gain the freed keyring", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the version of Linux kernel as shipped with Red Hat\nEnterprise Linux 3. Future kernel updates in Red Hat Enterprise Linux 4, 5 and Red Hat Enterprise MRG will address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-1437" }, { "category": "external", "summary": "RHBZ#585094", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=585094" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-1437", "url": "https://www.cve.org/CVERecord?id=CVE-2010-1437" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1437", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1437" } ], "release_date": "2010-04-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: keyrings: find_keyring_by_name() can gain the freed keyring" }, { "cve": "CVE-2010-1643", "discovery_date": "2010-05-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "595970" } ], "notes": [ { "category": "description", "text": "mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: nfsd: fix vm overcommit crash", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 3, 4 and 5 as they did not include nfs-export support for tmpfs. A future kernel update in Red Hat Enterprise MRG will address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-1643" }, { "category": "external", "summary": "RHBZ#595970", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=595970" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-1643", "url": "https://www.cve.org/CVERecord?id=CVE-2010-1643" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-1643", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1643" } ], "release_date": "2008-10-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: nfsd: fix vm overcommit crash" }, { "acknowledgments": [ { "names": [ "X.Org security team" ] }, { "names": [ "Rafal Wojtczuk" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2010-2240", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2010-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "606611" } ], "notes": [ { "category": "description", "text": "The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mm: keep a guard page below a grow-down stack segment", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-2240" }, { "category": "external", "summary": "RHBZ#606611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=606611" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-2240", "url": "https://www.cve.org/CVERecord?id=CVE-2010-2240" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-2240", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2240" } ], "release_date": "2010-08-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: mm: keep a guard page below a grow-down stack segment" }, { "cve": "CVE-2010-2248", "cwe": { "id": "CWE-617", "name": "Reachable Assertion" }, "discovery_date": "2010-06-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "608583" } ], "notes": [ { "category": "description", "text": "fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite2 functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: cifs: Fix a kernel BUG with remote OS/2 server", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 3 as it did not have support for CIFS. Future updates in Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-2248" }, { "category": "external", "summary": "RHBZ#608583", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608583" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-2248", "url": "https://www.cve.org/CVERecord?id=CVE-2010-2248" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-2248", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2248" } ], "release_date": "2010-03-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: cifs: Fix a kernel BUG with remote OS/2 server" }, { "cve": "CVE-2010-2521", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2010-07-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "612028" } ], "notes": [ { "category": "description", "text": "Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the read_buf and nfsd4_decode_compound functions.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: nfsd4: bug in read_buf", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue did not affect the versions of the Linux kernel as shipped with Red\nHat Enterprise Linux 3 as it did not include support for Network File System (NFS) version 4. Future updates in Red Hat Enterprise 4, 5, and Red Hat Enterprise MRG may address this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2010-2521" }, { "category": "external", "summary": "RHBZ#612028", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=612028" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2010-2521", "url": "https://www.cve.org/CVERecord?id=CVE-2010-2521" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2010-2521", "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2521" } ], "release_date": "2010-04-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2010-08-17T15:52:00+00:00", "details": "Users should upgrade to these updated packages, which contain\nbackported patches to correct these issues and fix the bugs noted in\nthe Kernel Security Update document, linked to in the References. The\nsystem must be rebooted for this update to take effect.\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system.", "product_ids": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2010:0631" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "products": [ "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.src", "5Server-MRG-Realtime-1.0:kernel-rt-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debug-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-debuginfo-common-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-doc-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-firmware-0:2.6.24.7-161.el5rt.noarch", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-trace-devel-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-debuginfo-0:2.6.24.7-161.el5rt.x86_64", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.i686", "5Server-MRG-Realtime-1.0:kernel-rt-vanilla-devel-0:2.6.24.7-161.el5rt.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: nfsd4: bug in read_buf" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.