{
  "threat_severity" : "Moderate",
  "public_date" : "2012-08-01T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: mm/hotplug: failure in propagating hot-added memory to other nodes",
    "id" : "875374",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=875374"
  },
  "cvss" : {
    "cvss_base_score" : "4.0",
    "cvss_scoring_vector" : "AV:L/AC:H/Au:N/C:N/I:N/A:C",
    "status" : "verified"
  },
  "details" : [ "The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator." ],
  "statement" : "This issue did affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 6.\nThis issue did not affect the versions of kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2012-12-18T00:00:00Z",
    "advisory" : "RHSA-2012:1580",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-279.19.1.el6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Not affected",
    "package_name" : "realtime-kernel",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2012-5517\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-5517" ],
  "name" : "CVE-2012-5517",
  "csaw" : false
}