Back to bug 1296253
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-01-06 17:51:46 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-06 17:51:46 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-01-06 18:03:03 UTC | Summary | EMBARGOED kernel: Kernel memory disclosure and crash in tty layer | EMBARGOED CVE-2016-0723 kernel: Kernel memory disclosure and crash in tty layer |
| Alias | CVE-2016-0723 | |||
| Adam Mariš | 2016-01-06 18:13:56 UTC | Blocks | 1296261 | |
| Andrej Nemec | 2016-01-20 10:05:36 UTC | Whiteboard | impact=moderate,public=no,reported=20160106,source=redhat,cvss2=5.0/AV:L/AC:M/Au:S/C:P/I:N/A:C,cwe=CWE-416,rhel-5/kernel=new,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=new,rhelsa-7.1/kernel=affected,fedora-all/kernel=affected | impact=moderate,public=20151127,reported=20160106,source=redhat,cvss2=5.0/AV:L/AC:M/Au:S/C:P/I:N/A:C,cwe=CWE-416,rhel-5/kernel=new,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=new,rhelsa-7.1/kernel=affected,fedora-all/kernel=affected |
| Andrej Nemec | 2016-01-20 10:05:45 UTC | Summary | EMBARGOED CVE-2016-0723 kernel: Kernel memory disclosure and crash in tty layer | CVE-2016-0723 kernel: Kernel memory disclosure and crash in tty layer |
| Andrej Nemec | 2016-01-20 10:05:55 UTC | Group | security, qe_staff | |
| Andrej Nemec | 2016-01-20 10:06:14 UTC | Depends On | 1300224 | |
| Slawomir Czarko | 2016-02-08 09:07:28 UTC | CC | slawomir | |
| Wade Mealing | 2016-02-15 09:21:27 UTC | Whiteboard | impact=moderate,public=20151127,reported=20160106,source=redhat,cvss2=5.0/AV:L/AC:M/Au:S/C:P/I:N/A:C,cwe=CWE-416,rhel-5/kernel=new,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=new,rhelsa-7.1/kernel=affected,fedora-all/kernel=affected | impact=moderate,public=20151127,reported=20160106,source=redhat,cvss2=5.6/AV:L/AC:L/Au:N/C:P/I:N/A:C,cwe=CWE-416,rhel-5/kernel=new,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=new,rhelsa-7.1/kernel=affected,fedora-all/kernel=affected |
| Salvatore Bonaccorso | 2016-02-15 21:00:30 UTC | CC | carnil | |
| Wade Mealing | 2016-02-16 01:16:14 UTC | CC | wmealing | |
| Wade Mealing | 2016-02-16 04:27:25 UTC | Whiteboard | impact=moderate,public=20151127,reported=20160106,source=redhat,cvss2=5.6/AV:L/AC:L/Au:N/C:P/I:N/A:C,cwe=CWE-416,rhel-5/kernel=new,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=new,rhelsa-7.1/kernel=affected,fedora-all/kernel=affected | impact=moderate,public=20151127,reported=20160106,source=redhat,cvss2=5.6/AV:L/AC:L/Au:N/C:P/I:N/A:C,cwe=CWE-416,rhel-5/kernel=wontfix,rhel-6/kernel=wontfix,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/kernel-biscayne=wontfix,fedora-all/kernel=affected |
| Wade Mealing | 2016-02-16 04:27:41 UTC | CC | arm-mgr, blc, mlangsdo, rt-maint | |
| Wade Mealing | 2016-02-16 06:22:21 UTC | Doc Text | A flaw was discovered in the linux kernel tty subsystem which allows for disclosure of uncontrolled memory location and possible kernel panic. The information leak is caused by a race condition when attempting to set and read the tty line discipline. An attacker can use the TIOCSETD (via tty_set_ldisc ) to switch to a new line discipline, a concurrent call to with a TIOCGETD ioctl performs a read on a given tty may be able to access memory previously allocated. Up to 4 bytes may leaked when querying the line discipline or the kernel can be paniced with a null pointer dereference. | |
| Summer Long | 2016-02-17 00:35:52 UTC | CC | slong | |
| Doc Text | A flaw was discovered in the linux kernel tty subsystem which allows for disclosure of uncontrolled memory location and possible kernel panic. The information leak is caused by a race condition when attempting to set and read the tty line discipline. An attacker can use the TIOCSETD (via tty_set_ldisc ) to switch to a new line discipline, a concurrent call to with a TIOCGETD ioctl performs a read on a given tty may be able to access memory previously allocated. Up to 4 bytes may leaked when querying the line discipline or the kernel can be paniced with a null pointer dereference. | A use-after-free flaw was discovered in the Linux kernel's tty subsystem, which allows for the disclosure of uncontrolled memory location and possible kernel panic. The information leak is caused by a race condition when attempting to set and read the tty line discipline. A local attacker could use the TIOCSETD (via tty_set_ldisc ) to switch to a new line discipline; a concurrent call to a TIOCGETD ioctl performing a read on a given tty could then access previously allocated memory. Up to 4 bytes could be leaked when querying the line discipline or the kernel could panic with a NULL-pointer dereference. | ||
| Norman Sardella | 2016-06-24 09:05:18 UTC | CC | sardella | |
| John Skeoch | 2016-10-04 04:17:48 UTC | CC | pholasek | |
| Dominik Mierzejewski | 2017-04-12 12:35:14 UTC | CC | dominik.mierzejewski | |
| PnT Account Manager | 2018-02-07 23:10:22 UTC | CC | agordeev | |
| PnT Account Manager | 2018-07-19 06:13:51 UTC | CC | mguzik | |
| PnT Account Manager | 2018-08-28 22:01:45 UTC | CC | lwang | |
| Eric Sammons | 2019-02-08 15:02:59 UTC | CC | esammons | |
| Product Security DevOps Team | 2019-06-08 02:47:13 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2019-06-08 02:47:13 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:41:49 UTC | Whiteboard | impact=moderate,public=20151127,reported=20160106,source=redhat,cvss2=5.6/AV:L/AC:L/Au:N/C:P/I:N/A:C,cwe=CWE-416,rhel-5/kernel=wontfix,rhel-6/kernel=wontfix,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/kernel-biscayne=wontfix,fedora-all/kernel=affected | |
| Ondrej Soukup | 2021-03-26 16:17:17 UTC | Doc Text | A use-after-free flaw was discovered in the Linux kernel's tty subsystem, which allows for the disclosure of uncontrolled memory location and possible kernel panic. The information leak is caused by a race condition when attempting to set and read the tty line discipline. A local attacker could use the TIOCSETD (via tty_set_ldisc ) to switch to a new line discipline; a concurrent call to a TIOCGETD ioctl performing a read on a given tty could then access previously allocated memory. Up to 4 bytes could be leaked when querying the line discipline or the kernel could panic with a NULL-pointer dereference. | A use-after-free flaw was discovered in the Linux kernel's tty subsystem, which allows for the disclosure of uncontrolled memory location and possible kernel panic. The information leak is caused by a race condition when attempting to set and read the tty line discipline. A local attacker could use the TIOCSETD (via tty_set_ldisc) to switch to a new line discipline; a concurrent call to a TIOCGETD ioctl performing a read on a given tty could then access previously allocated memory. Up to 4 bytes could be leaked when querying the line discipline or the kernel could panic with a NULL-pointer dereference. |
| Ondrej Soukup | 2021-06-01 13:21:11 UTC | CC | osoukup |
Back to bug 1296253