{ "threat_severity" : "Moderate", "public_date" : "2011-06-02T00:00:00Z", "bugzilla" : { "description" : "kernel: ksm: race between ksmd and exiting task", "id" : "710338", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=710338" }, "cvss" : { "cvss_base_score" : "4.7", "cvss_scoring_vector" : "AV:L/AC:M/Au:N/C:N/I:N/A:C", "status" : "verified" }, "details" : [ "Race condition in the scan_get_next_rmap_item function in mm/ksm.c in the Linux kernel before 2.6.39.3, when Kernel SamePage Merging (KSM) is enabled, allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted application." ], "statement" : "This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, and Red Hat Enterprise MRG do not provide support for KSM (Kernel Samepage Merging). This has been addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2011-1189.html.", "acknowledgement" : "Red Hat would like to thank Andrea Righi for reporting this issue.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2011-08-23T00:00:00Z", "advisory" : "RHSA-2011:1189", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "kernel-0:2.6.32-131.12.1.el6" }, { "product_name" : "Red Hat Enterprise MRG 2", "release_date" : "2011-09-12T00:00:00Z", "advisory" : "RHSA-2011:1253", "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package" : "kernel-rt-0:2.6.33.9-rt31.75.el6rt" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 4", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:4" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:5" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-2183\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-2183" ], "name" : "CVE-2011-2183", "csaw" : false }