{
  "threat_severity" : "Moderate",
  "public_date" : "2011-08-30T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: xen: off-by-one shift in x86_64 __addr_ok()",
    "id" : "728042",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=728042"
  },
  "cvss" : {
    "cvss_base_score" : "5.5",
    "cvss_scoring_vector" : "AV:A/AC:L/Au:S/C:N/I:N/A:C",
    "status" : "verified"
  },
  "cwe" : "CWE-193",
  "details" : [ "Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64-bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits." ],
  "statement" : "The versions of the Linux kernel as shipped with Red Hat Enterprise Linux 4 and 6, and with Red Hat Enterprise MRG, are not affected. This has been addressed in Red Hat Enterprise Linux 5 via RHSA-2011:1212 (https://rhn.redhat.com/errata/RHSA-2011-1212.html).",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2011-09-06T00:00:00Z",
    "advisory" : "RHSA-2011:1212",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "kernel-0:2.6.18-274.3.1.el5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5.6 EUS - Server Only",
    "release_date" : "2011-12-13T00:00:00Z",
    "advisory" : "RHSA-2011:1813",
    "cpe" : "cpe:/o:redhat:rhel_eus:5.6",
    "package" : "kernel-0:2.6.18-238.31.1.el5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-2901\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-2901" ],
  "name" : "CVE-2011-2901",
  "csaw" : false
}