{ "threat_severity" : "Moderate", "public_date" : "2011-04-21T00:00:00Z", "bugzilla" : { "description" : "kernel: net: slab corruption due to improper synchronization around inet->opt", "id" : "853465", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=853465" }, "cvss" : { "cvss_base_score" : "5.4", "cvss_scoring_vector" : "AV:N/AC:H/Au:N/C:N/I:N/A:C", "status" : "verified" }, "details" : [ "Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options during the handling of network traffic." ], "statement" : "This issue did affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5.\nThis issue did affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 6.\nThis issue did not affect the versions of Linux kernel as shipped with Red Hat Enterpise MRG 2.", "acknowledgement" : "Red Hat would like to thank Hafid Lin for reporting this issue.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 5", "release_date" : "2012-12-04T00:00:00Z", "advisory" : "RHSA-2012:1540", "cpe" : "cpe:/o:redhat:enterprise_linux:5", "package" : "kernel-0:2.6.18-308.24.1.el5" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2012-09-25T00:00:00Z", "advisory" : "RHSA-2012:1304", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "kernel-0:2.6.32-279.9.1.el6" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux Extended Update Support 6.2", "fix_state" : "Affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:rhel_eus:6.2" }, { "product_name" : "Red Hat Enterprise MRG 2", "fix_state" : "Not affected", "package_name" : "realtime-kernel", "cpe" : "cpe:/a:redhat:enterprise_mrg:2" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2012-3552\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-3552" ], "name" : "CVE-2012-3552", "csaw" : false }