Back to bug 1296567
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-01-07 15:05:54 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-07 15:05:54 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-01-07 15:12:20 UTC | Blocks | 1296569 | |
| Prasad Pandit | 2016-02-18 06:47:46 UTC | Priority | medium | low |
| CC | prasad | |||
| Doc Text | Qemu emulator built with the IP checksum routines is vulnerable to an OOB read access issue. It could occur while computing checksum for TCP/UDP packets, as the function uses payload length from the packet without checking against the data buffer size. A user inside guest could use this flaw to crash the Qemu process resulting in DoS. | |||
| Whiteboard | impact=moderate,public=no,reported=20160107,source=researcher,cvss2=4.0/AV:N/AC:L/Au:S/C:P/I:N/A:N,cwe=CWE-125,rhel-5/kvm=new,rhel-6/qemu-kvm=new,rhel-6/qemu-kvm-rhev=new,rhel-7/qemu-kvm=new,rhel-7/qemu-kvm-rhev=new,openstack-5/qemu-kvm-rhev=new,openstack-6/qemu-kvm-rhev=new,openstack-7/qemu-kvm-rhev=new,openstack-8/qemu-kvm-rhev=new,rhev-m-3/qemu-kvm-rhev=new,fedora-all/qemu=affected,epel-all/qemu=affected | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=wontfix,rhel-6/qemu-kvm-rhev=wontfix,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=affected | ||
| Severity | medium | low | ||
| Prasad Pandit | 2016-02-18 06:52:40 UTC | Summary | EMBARGOED qemu: Out-of-bounds read in net_checksum_calculate() | qemu: Out-of-bounds read in net_checksum_calculate() |
| Prasad Pandit | 2016-02-18 06:52:49 UTC | Group | security, qe_staff | |
| Prasad Pandit | 2016-02-18 06:53:50 UTC | Depends On | 1309564 | |
| Prasad Pandit | 2016-02-18 06:54:09 UTC | Depends On | 1309565 | |
| Prasad Pandit | 2016-02-18 08:00:05 UTC | Summary | qemu: Out-of-bounds read in net_checksum_calculate() | Qemu: net: out of bounds read in net_checksum_calculate() |
| Prasad Pandit | 2016-03-07 05:43:46 UTC | Alias | CVE-2016-2857 | |
| Prasad Pandit | 2016-03-07 05:43:59 UTC | Summary | Qemu: net: out of bounds read in net_checksum_calculate() | CVE-2016-2857 Qemu: net: out of bounds read in net_checksum_calculate() |
| Summer Long | 2016-03-13 23:58:14 UTC | CC | slong | |
| Doc Text | Qemu emulator built with the IP checksum routines is vulnerable to an OOB read access issue. It could occur while computing checksum for TCP/UDP packets, as the function uses payload length from the packet without checking against the data buffer size. A user inside guest could use this flaw to crash the Qemu process resulting in DoS. | An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function uses the packet's payload length without checking against the data buffer's size. A user inside a guest could use this flaw to crash the QEMU process (denial of service). | ||
| John Skeoch | 2016-04-18 07:33:52 UTC | CC | yeylon | srevivo |
| Perry Myers | 2016-04-19 00:44:47 UTC | CC | pmyers | |
| Garth Mollett | 2016-08-26 06:29:52 UTC | Blocks | 1370384 | |
| Prasad Pandit | 2016-11-24 10:04:33 UTC | Whiteboard | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=wontfix,rhel-6/qemu-kvm-rhev=wontfix,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=affected | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=affected,rhel-6/qemu-kvm-rhev=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rheva=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=affected |
| Prasad Pandit | 2016-11-24 10:05:30 UTC | Depends On | 1398213 | |
| Prasad Pandit | 2016-11-24 10:05:43 UTC | Depends On | 1398214 | |
| Prasad Pandit | 2016-11-24 10:05:59 UTC | Depends On | 1398215 | |
| Prasad Pandit | 2016-11-24 10:06:12 UTC | Depends On | 1398216 | |
| Prasad Pandit | 2016-11-24 10:06:27 UTC | Depends On | 1398217 | |
| Prasad Pandit | 2016-11-24 10:06:40 UTC | Depends On | 1398218 | |
| Prasad Pandit | 2016-11-24 10:06:55 UTC | Depends On | 1398219 | |
| Prasad Pandit | 2016-11-24 10:07:08 UTC | Depends On | 1398220 | |
| Prasad Pandit | 2016-11-24 10:07:22 UTC | Depends On | 1398221 | |
| Prasad Pandit | 2016-11-24 10:07:41 UTC | Depends On | 1398222 | |
| Prasad Pandit | 2016-11-24 10:08:01 UTC | Depends On | 1398223 | |
| Prasad Pandit | 2016-11-24 10:08:19 UTC | Depends On | 1398224 | |
| Prasad Pandit | 2016-11-24 10:08:41 UTC | Depends On | 1398225 | |
| Miya Chen | 2016-11-27 13:38:38 UTC | CC | chayang, juzhang, michen, weliao | |
| weliao | 2017-01-05 02:38:35 UTC | CC | amaris | |
| Flags | needinfo?(amaris) | |||
| Adam Mariš | 2017-01-05 14:24:10 UTC | Flags | needinfo?(amaris) | |
| weliao | 2017-01-06 03:48:07 UTC | Flags | needinfo?(amaris) | |
| Prasad Pandit | 2017-01-09 04:47:37 UTC | Flags | needinfo?(amaris) | |
| Martin Prpič | 2017-01-17 12:31:24 UTC | Doc Text | An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function uses the packet's payload length without checking against the data buffer's size. A user inside a guest could use this flaw to crash the QEMU process (denial of service). | An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function used the packet's payload length without checking against the data buffer's size. A user inside a guest could use this flaw to crash the QEMU process (denial of service). |
| Mike Burns | 2017-01-24 13:05:00 UTC | CC | gmollett, mburns | |
| Flags | needinfo?(gmollett) needinfo?(prasad) | |||
| Prasad Pandit | 2017-01-24 17:12:04 UTC | Flags | needinfo?(gmollett) needinfo?(prasad) | |
| Prasad Pandit | 2017-01-24 17:14:39 UTC | Whiteboard | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=affected,rhel-6/qemu-kvm-rhev=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rheva=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=affected | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=affected,rhel-6/qemu-kvm-rhev=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=affected |
| Prasad Pandit | 2017-01-24 17:15:31 UTC | Depends On | 1416151 | |
| Garth Mollett | 2017-02-06 00:50:25 UTC | Whiteboard | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=affected,rhel-6/qemu-kvm-rhev=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=affected | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=affected,rhel-6/qemu-kvm-rhev=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=affected |
| Garth Mollett | 2017-02-06 00:50:47 UTC | CC | cvsbot-xmlrpc, jjoyce, kbasil, virt-maint | |
| Garth Mollett | 2017-02-06 01:15:14 UTC | Depends On | 1419380 | |
| Garth Mollett | 2017-02-06 01:15:32 UTC | Depends On | 1419381 | |
| Garth Mollett | 2017-02-10 01:17:33 UTC | Whiteboard | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=affected,rhel-6/qemu-kvm-rhev=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=affected | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=affected,rhel-6/qemu-kvm-rhev=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=notaffected,openstack-11/qemu-kvm-rhev=notaffected,fedora-all/qemu=affected,fedora-all/xen=affected |
| Prasad Pandit | 2017-02-21 10:49:29 UTC | Whiteboard | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=affected,rhel-6/qemu-kvm-rhev=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=notaffected,openstack-11/qemu-kvm-rhev=notaffected,fedora-all/qemu=affected,fedora-all/xen=affected | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cvss3=4.7/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=affected,rhel-6/qemu-kvm-rhev=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=notaffected,openstack-11/qemu-kvm-rhev=notaffected,fedora-all/qemu=affected,fedora-all/xen=affected |
| Scott Herold | 2017-09-12 15:39:24 UTC | CC | sherold | |
| PnT Account Manager | 2018-01-30 00:50:11 UTC | CC | weliao | |
| PnT Account Manager | 2018-01-30 23:54:58 UTC | CC | aortega | |
| PnT Account Manager | 2018-07-18 14:47:27 UTC | CC | rbalakri | |
| PnT Account Manager | 2018-11-05 22:41:44 UTC | CC | ylavi | |
| PnT Account Manager | 2019-02-28 22:35:34 UTC | CC | amaris | |
| Gil Klein | 2019-04-14 12:44:24 UTC | CC | gklein | |
| PnT Account Manager | 2019-05-26 21:55:26 UTC | CC | michen | |
| Product Security DevOps Team | 2019-06-08 02:47:17 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:47:17 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:41:49 UTC | Whiteboard | impact=low,public=20160217,reported=20160107,source=researcher,cvss2=4.3/AV:A/AC:M/Au:N/C:P/I:N/A:P,cvss3=4.7/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L,cwe=CWE-125,rhel-5/kvm=wontfix,rhel-6/qemu-kvm=affected,rhel-6/qemu-kvm-rhev=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=notaffected,openstack-11/qemu-kvm-rhev=notaffected,fedora-all/qemu=affected,fedora-all/xen=affected |
Back to bug 1296567