{
  "threat_severity" : "Important",
  "public_date" : "2011-08-23T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: cifs: signedness issue in CIFSFindNext()",
    "id" : "732869",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=732869"
  },
  "cvss" : {
    "cvss_base_score" : "6.8",
    "cvss_scoring_vector" : "AV:A/AC:H/Au:N/C:C/I:C/A:C",
    "status" : "verified"
  },
  "details" : [ "Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory." ],
  "statement" : "This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, 6, and Red Hat Enterprise MRG. It has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1386.html, https://rhn.redhat.com/errata/RHSA-2011-1465.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.",
  "acknowledgement" : "Red Hat would like to thank Darren Lavender for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2011-10-20T00:00:00Z",
    "advisory" : "RHSA-2011:1386",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "kernel-0:2.6.18-274.7.1.el5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2011-11-22T00:00:00Z",
    "advisory" : "RHSA-2011:1465",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-131.21.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "release_date" : "2012-01-10T00:00:00Z",
    "advisory" : "RHSA-2012:0010",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6",
    "package" : "kernel-rt-0:2.6.33.9-rt31.79.el6rt"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "fix_state" : "Will not fix",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2011-3191\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-3191" ],
  "name" : "CVE-2011-3191",
  "csaw" : false
}