{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-10-07T00:00:00", "descriptions": [{"lang": "en", "value": "The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-12T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201858"}, {"name": "USN-2967-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2967-1"}, {"name": "SUSE-SU-2016:1985", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"}, {"name": "openSUSE-SU-2016:2184", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"}, {"name": "USN-2947-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2947-3"}, {"name": "USN-2967-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2967-2"}, {"tags": ["x_refsource_MISC"], "url": "http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf"}, {"name": "USN-2947-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2947-2"}, {"name": "USN-2947-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2947-1"}, {"name": "77030", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/77030"}, {"name": "USN-2929-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2929-1"}, {"name": "USN-2932-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2932-1"}, {"name": "20151007 Re: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (usbvision driver)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/536629"}, {"name": "DSA-3426", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3426"}, {"name": "SUSE-SU-2016:2105", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"}, {"name": "USN-2948-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2948-1"}, {"name": "DSA-3396", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3396"}, {"name": "USN-2929-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2929-2"}, {"name": "USN-2948-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2948-2"}, {"name": "1034452", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034452"}, {"name": "SUSE-SU-2016:1937", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-7833", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1201858", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201858"}, {"name": "USN-2967-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2967-1"}, {"name": "SUSE-SU-2016:1985", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"}, {"name": "openSUSE-SU-2016:2184", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"}, {"name": "USN-2947-3", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2947-3"}, {"name": "USN-2967-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2967-2"}, {"name": "http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf", "refsource": "MISC", "url": "http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf"}, {"name": "USN-2947-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2947-2"}, {"name": "USN-2947-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2947-1"}, {"name": "77030", "refsource": "BID", "url": "http://www.securityfocus.com/bid/77030"}, {"name": "USN-2929-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2929-1"}, {"name": "USN-2932-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2932-1"}, {"name": "20151007 Re: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (usbvision driver)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/536629"}, {"name": "DSA-3426", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3426"}, {"name": "SUSE-SU-2016:2105", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"}, {"name": "USN-2948-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2948-1"}, {"name": "DSA-3396", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3396"}, {"name": "USN-2929-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2929-2"}, {"name": "USN-2948-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2948-2"}, {"name": "1034452", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034452"}, {"name": "SUSE-SU-2016:1937", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T07:59:00.514Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201858"}, {"name": "USN-2967-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2967-1"}, {"name": "SUSE-SU-2016:1985", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"}, {"name": "openSUSE-SU-2016:2184", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"}, {"name": "USN-2947-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2947-3"}, {"name": "USN-2967-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2967-2"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf"}, {"name": "USN-2947-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2947-2"}, {"name": "USN-2947-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2947-1"}, {"name": "77030", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/77030"}, {"name": "USN-2929-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2929-1"}, {"name": "USN-2932-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2932-1"}, {"name": "20151007 Re: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (usbvision driver)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/536629"}, {"name": "DSA-3426", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2015/dsa-3426"}, {"name": "SUSE-SU-2016:2105", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"}, {"name": "USN-2948-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2948-1"}, {"name": "DSA-3396", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2015/dsa-3396"}, {"name": "USN-2929-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2929-2"}, {"name": "USN-2948-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2948-2"}, {"name": "1034452", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1034452"}, {"name": "SUSE-SU-2016:1937", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-7833", "datePublished": "2015-10-19T10:00:00", "dateReserved": "2015-10-14T00:00:00", "dateUpdated": "2024-08-06T07:59:00.514Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12:sp1:*:*:*:*:*:*", "matchCriteriaId": "5AB3CAA1-C20C-4A86-841E-EC0858164D7D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "266EA1B3-526F-4D12-873E-08CE3861AEA6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor."}, {"lang": "es", "value": "El controlador usbvision en el paquete del kernel de Linux 3.10.0-123.20.1.el7 hasta la versi\u00f3n 3.10.0-229.14.1.el7 en Red Hat Enterprise Linux (RHEL) 7.1 permite a atacantes f\u00edsicamente pr\u00f3ximos provocar una denegaci\u00f3n de servicio (panic) a trav\u00e9s de un valor bInterfaceNumber distinto de cero en un descriptor de dispositivo USB."}], "id": "CVE-2015-7833", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-10-19T10:59:10.787", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3396"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3426"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/536629"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/77030"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id/1034452"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2929-1"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2929-2"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2932-1"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2947-1"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2947-2"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2947-3"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2948-1"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2948-2"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2967-1"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2967-2"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201858"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3396"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3426"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/536629"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/77030"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034452"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2929-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2929-2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2932-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2947-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2947-2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2947-3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2948-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2948-2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2967-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2967-2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1201858"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-17"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Ralf Spenneberg (OpenSource Security) for reporting this issue.", "bugzilla": {"description": "kernel: usbvision: crash on invalid USB device descriptors", "id": "1270158", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1270158"}, "csaw": false, "cvss": {"cvss_base_score": "4.0", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "status": "draft"}, "cwe": "CWE-476", "details": ["The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.", "An out-of-bounds memory access flaw was found in the USBVision USB camera driver (usbvision_probe() function in drivers/media/usb/usbvision/usbvision-video.c). The driver assumes that the interfaces numbers of the USB device are always in 0,1,2,3... order. By using a specially crafted USB device which advertises an out-of-order number on one of its interfaces, an unprivileged user with physical access to the system can trigger a kernel NULL-pointer dereference causing a system freeze (denial of service)."], "name": "CVE-2015-7833", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Will not fix", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2015-10-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-7833\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-7833"], "statement": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2.\nThis has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", "threat_severity": "Low"}

{}