{
  "threat_severity" : "Moderate",
  "public_date" : "2012-02-23T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount",
    "id" : "798293",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=798293"
  },
  "cvss" : {
    "cvss_base_score" : "5.7",
    "cvss_scoring_vector" : "AV:A/AC:M/Au:N/C:N/I:N/A:C",
    "status" : "verified"
  },
  "details" : [ "The cifs_lookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service (OOPS) via attempted access to a special file, as demonstrated by a FIFO." ],
  "statement" : "This issue did not affect the Linux kernel as shipped with Red Hat Enterprise\nLinux 4 and 5 as they did not backport the commit \na6ce4932fbdbcd8f8e8c6df76812014351c32892 that introduced this issue. This issue did not affect the Linux kernel as shipped with Red Hat Enterprise MRG 2. This has been addressed in Red Hat Enterprise Linux 6 via https://rhn.redhat.com/errata/RHSA-2012-0481.html.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2012-04-17T00:00:00Z",
    "advisory" : "RHSA-2012:0481",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-220.13.1.el6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 4",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Affected",
    "package_name" : "realtime-kernel",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2012-1090\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-1090" ],
  "name" : "CVE-2012-1090",
  "csaw" : false
}