CVE-2011-3209

Опубликовано: 01 мая 2008

Источник: redhat

CVSS2: 4.9

Описание

The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call.

Отчет

This issue did not affect the Linux kernels as shipped with Red Hat Enterprise Linux 4, 6, and Red Hat Enterprise MRG, as they either do not have the sample_to_timespec() function, or have already backported upstream commit f8bd2258, which addresses this issue. It was addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2011-1386.html.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 4	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux Extended Update Support 5.3	kernel	Affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected
Red Hat Enterprise Linux 5	kernel	Fixed	RHSA-2011:1386	20.10.2011
Red Hat Enterprise Linux 5.3 Long Life	kernel	Fixed	RHSA-2011:1418	01.11.2011
Red Hat Enterprise Linux 5.6 EUS - Server Only	kernel	Fixed	RHSA-2011:1419	01.11.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=732878kernel: panic occurs when clock_gettime() is called

4.9 Medium

CVSS2

Связанные уязвимости

CVE-2011-3209

ubuntu

около 13 лет назад

CVE-2011-3209

nvd

около 13 лет назад

CVE-2011-3209

debian

около 13 лет назад

The div_long_long_rem implementation in include/asm-x86/div64.h in the ...

GHSA-wwjm-fhqp-6cq8

github

больше 3 лет назад

ELSA-2011-1386

oracle-oval

около 14 лет назад

ELSA-2011-1386: kernel security, bug fix, and enhancement update (IMPORTANT)

4.9 Medium

CVSS2