{
  "threat_severity" : "Moderate",
  "public_date" : "2011-04-05T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: cifs oops when creating file with O_DIRECT set",
    "id" : "703016",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=703016"
  },
  "cvss" : {
    "cvss_base_score" : "4.7",
    "cvss_scoring_vector" : "AV:L/AC:M/Au:N/C:N/I:N/A:C",
    "status" : "verified"
  },
  "details" : [ "The cifs_close function in fs/cifs/file.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact by setting the O_DIRECT flag during an attempt to open a file on a CIFS filesystem." ],
  "statement" : "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise Linux MRG as they did not backport the upstream commit cdff08e7 that introduced this issue. Future kernel updates for Red Hat Enterprise Linux 6 may address this flaw.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2011-06-01T00:00:00Z",
    "advisory" : "RHSA-2011:0836",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-131.2.1.el6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise MRG 1",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:1"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-1771\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-1771" ],
  "name" : "CVE-2011-1771",
  "csaw" : false
}