OpenCVE

The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:L/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel
Redhat	Enterprise Linux Rhel Eus Rhel Mission Critical

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:-:*:*:*:*:x86:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 5
kernel-0:2.6.18-274.7.1.el5	cpe:/o:redhat:enterprise_linux:5	RHSA-2011:1386	2011-10-20T00:00:00Z
Red Hat Enterprise Linux 5.3 Long Life
kernel-0:2.6.18-128.36.1.el5	cpe:/o:redhat:rhel_mission_critical:5.3	RHSA-2011:1418	2011-11-01T00:00:00Z
Red Hat Enterprise Linux 5.6 EUS - Server Only
kernel-0:2.6.18-238.28.1.el5	cpe:/o:redhat:rhel_eus:5.6	RHSA-2011:1419	2011-11-01T00:00:00Z

References

Link	Providers
http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f8bd2258e2d520dff28c855658bd24bdafb5102d
http://www.openwall.com/lists/oss-security/2011/10/24/3
https://bugzilla.redhat.com/show_bug.cgi?id=732878
https://github.com/torvalds/linux/commit/f8bd2258e2d520dff28c855658bd24bdafb5102d
https://nvd.nist.gov/vuln/detail/CVE-2011-3209
https://www.cve.org/CVERecord?id=CVE-2011-3209

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-10-03T10:00:00Z

Updated: 2024-08-06T23:29:56.015Z

Reserved: 2011-08-19T00:00:00Z

Link: CVE-2011-3209

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-10-03T11:02:56.173

Modified: 2024-11-21T01:29:59.130

Link: CVE-2011-3209

Redhat

Severity : Moderate

Publid Date: 2008-05-01T00:00:00Z

Links: CVE-2011-3209 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2012-10-03T10:00:00Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732878"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/f8bd2258e2d520dff28c855658bd24bdafb5102d"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f8bd2258e2d520dff28c855658bd24bdafb5102d"}, {"name": "[oss-security] 20111024 kernel; CVE-2011-2942 and CVE-2011-3209", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/10/24/3"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:29:56.015Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732878"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/f8bd2258e2d520dff28c855658bd24bdafb5102d"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f8bd2258e2d520dff28c855658bd24bdafb5102d"}, {"name": "[oss-security] 20111024 kernel; CVE-2011-2942 and CVE-2011-3209", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/10/24/3"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-3209", "state": "PUBLISHED", "dateReserved": "2011-08-19T00:00:00Z", "datePublished": "2012-10-03T10:00:00Z", "dateUpdated": "2024-08-06T23:29:56.015Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:-:*:*:*:*:x86:*", "matchCriteriaId": "E70E2899-4469-4C89-98F6-5E51C8487A17", "versionEndIncluding": "2.6.25.20", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call."}, {"lang": "es", "value": "La implementaci\u00f3n de div_long_long_rem en include/asm-x86/div64.h en el Kernel de Linux anteriores a v2.6.26 en plataformas x86 permite a usuarios locales provocar una denegaci\u00f3n de servicio (Divide Error Fault y p\u00e1nico) a trav\u00e9s de una llamada al sistema clock_gettime."}], "id": "CVE-2011-3209", "lastModified": "2024-11-21T01:29:59.130", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-10-03T11:02:56.173", "references": [{"source": "secalert@redhat.com", "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26"}, {"source": "secalert@redhat.com", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f8bd2258e2d520dff28c855658bd24bdafb5102d"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/10/24/3"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732878"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "https://github.com/torvalds/linux/commit/f8bd2258e2d520dff28c855658bd24bdafb5102d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=f8bd2258e2d520dff28c855658bd24bdafb5102d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/10/24/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732878"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://github.com/torvalds/linux/commit/f8bd2258e2d520dff28c855658bd24bdafb5102d"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Yasuaki Ishimatsu for reporting this issue.", "affected_release": [{"advisory": "RHSA-2011:1386", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "kernel-0:2.6.18-274.7.1.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2011-10-20T00:00:00Z"}, {"advisory": "RHSA-2011:1418", "cpe": "cpe:/o:redhat:rhel_mission_critical:5.3", "package": "kernel-0:2.6.18-128.36.1.el5", "product_name": "Red Hat Enterprise Linux 5.3 Long Life", "release_date": "2011-11-01T00:00:00Z"}, {"advisory": "RHSA-2011:1419", "cpe": "cpe:/o:redhat:rhel_eus:5.6", "package": "kernel-0:2.6.18-238.28.1.el5", "product_name": "Red Hat Enterprise Linux 5.6 EUS - Server Only", "release_date": "2011-11-01T00:00:00Z"}], "bugzilla": {"description": "kernel: panic occurs when clock_gettime() is called", "id": "732878", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=732878"}, "csaw": false, "cvss": {"cvss_base_score": "4.9", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "status": "verified"}, "details": ["The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call."], "name": "CVE-2011-3209", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:4", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:rhel_eus:5.3", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux Extended Update Support 5.3"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2008-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-3209\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-3209"], "statement": "This issue did not affect the Linux kernels as shipped with Red Hat Enterprise Linux 4, 6, and Red Hat Enterprise MRG, as they either do not have the sample_to_timespec() function, or have already backported upstream commit f8bd2258, which addresses this issue. It was addressed in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2011-1386.html.", "threat_severity": "Moderate"}