{ "threat_severity" : "Moderate", "public_date" : "2013-04-16T00:00:00Z", "bugzilla" : { "description" : "Kernel: perf/x86: offcore_rsp valid mask for SNB/IVB", "id" : "971309", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=971309" }, "cvss" : { "cvss_base_score" : "4.7", "cvss_scoring_vector" : "AV:L/AC:M/Au:N/C:N/I:N/A:C", "status" : "verified" }, "details" : [ "arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before 3.8.9, when the Performance Events Subsystem is enabled, specifies an incorrect bitmask, which allows local users to cause a denial of service (general protection fault and system crash) by attempting to set a reserved bit." ], "statement" : "This issue does not affect the version of the kernel package as shipped with\nRed Hat Enterprise Linux 5.\nThis issue affects the versions of Linux kernel as shipped with\nRed Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates\nfor Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this\nissue.", "affected_release" : [ { "product_name" : "OpenStack 3 for RHEL 6", "release_date" : "2013-09-03T00:00:00Z", "advisory" : "RHSA-2013:1195", "cpe" : "cpe:/a:redhat:openstack:3::el6", "package" : "kernel-0:2.6.32-358.118.1.openstack.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2013-08-27T00:00:00Z", "advisory" : "RHSA-2013:1173", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "kernel-0:2.6.32-358.18.1.el6" }, { "product_name" : "Red Hat Enterprise MRG 2", "release_date" : "2013-09-16T00:00:00Z", "advisory" : "RHSA-2013:1264", "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package" : "kernel-rt-0:3.6.11.5-rt37.55.el6rt" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:5" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-2146\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-2146" ], "name" : "CVE-2013-2146", "csaw" : false }