Back to bug 1297813
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-01-12 14:21:23 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-12 14:21:23 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-01-12 14:27:43 UTC | Blocks | 1297817 | |
| Andrej Nemec | 2016-01-20 09:45:42 UTC | Whiteboard | impact=moderate,public=no,reported=20160111,source=redhat,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:N/A:P,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=affected,fedora-all/kernel=affected | impact=moderate,public=20160119,reported=20160111,source=redhat,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:N/A:P,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=affected,fedora-all/kernel=affected |
| Andrej Nemec | 2016-01-20 09:50:18 UTC | Summary | EMBARGOED CVE-2013-4312 kernel: File descriptors passed over unix sockets are not properly accounted | CVE-2013-4312 kernel: File descriptors passed over unix sockets are not properly accounted |
| Andrej Nemec | 2016-01-20 09:50:26 UTC | Group | security, qe_staff | |
| Andrej Nemec | 2016-01-20 09:51:42 UTC | Depends On | 1300216 | |
| Andrej Nemec | 2016-01-20 09:56:34 UTC | CC | anemec | |
| Slawomir Czarko | 2016-01-21 07:27:38 UTC | CC | slawomir | |
| Vladis Dronov | 2016-01-31 17:12:39 UTC | Whiteboard | impact=moderate,public=20160119,reported=20160111,source=redhat,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:N/A:P,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=affected,fedora-all/kernel=affected | impact=moderate,public=20160119,reported=20160111,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=affected,fedora-all/kernel=affected |
| Vladis Dronov | 2016-01-31 17:12:50 UTC | Whiteboard | impact=moderate,public=20160119,reported=20160111,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=affected,fedora-all/kernel=affected | impact=moderate,public=20160119,reported=20160111,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cwe=CWE-400,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=affected,fedora-all/kernel=affected |
| Vladis Dronov | 2016-01-31 17:26:24 UTC | CC | vdronov | |
| Doc Text | It was found that it is possible for an unprivileged process to allocate and accumulate far more file descriptors than the process' limit by sending them over a unix socket and then closing them to keep the process' fd count low, thus leading to a kernel memory or file descriptors exhaustion. | |||
| Whiteboard | impact=moderate,public=20160119,reported=20160111,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cwe=CWE-400,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-aarch64=affected,rhel-7/kernel-rt=affected,mrg-2/kernel-rt=affected,fedora-all/kernel=affected | impact=moderate,public=20160119,reported=20160111,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cwe=CWE-400,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | ||
| Vladis Dronov | 2016-02-01 11:35:35 UTC | Depends On | 1303586 | |
| Vladis Dronov | 2016-02-01 11:35:41 UTC | Depends On | 1303587 | |
| Vladis Dronov | 2016-02-01 11:50:18 UTC | Depends On | 1303592 | |
| Vladis Dronov | 2016-02-01 11:54:05 UTC | Depends On | 1303594 | |
| Salvatore Bonaccorso | 2016-02-01 15:25:34 UTC | CC | carnil | |
| Adam Mariš | 2016-02-02 09:59:24 UTC | Depends On | 1297403 | |
| Adam Mariš | 2016-02-02 10:00:14 UTC | Depends On | 1297406 | |
| Summer Long | 2016-02-12 05:21:36 UTC | CC | slong | |
| Doc Text | It was found that it is possible for an unprivileged process to allocate and accumulate far more file descriptors than the process' limit by sending them over a unix socket and then closing them to keep the process' fd count low, thus leading to a kernel memory or file descriptors exhaustion. | A resource-consumption vulnerability was found in the kernel, where an unprivileged process could allocate and accumulate far more file descriptors than the process' limit. A local, unauthenticated user could exploit this flaw by sending file descriptors over a Unix socket and then closing them to keep the process' fd count low, thereby creating kernel-memory or file-descriptors exhaustion (denial of service). | ||
| Summer Long | 2016-02-12 05:24:11 UTC | Doc Text | A resource-consumption vulnerability was found in the kernel, where an unprivileged process could allocate and accumulate far more file descriptors than the process' limit. A local, unauthenticated user could exploit this flaw by sending file descriptors over a Unix socket and then closing them to keep the process' fd count low, thereby creating kernel-memory or file-descriptors exhaustion (denial of service). | A resource-exhaustion vulnerability was found in the kernel, where an unprivileged process could allocate and accumulate far more file descriptors than the process' limit. A local, unauthenticated user could exploit this flaw by sending file descriptors over a Unix socket and then closing them to keep the process' fd count low, thereby creating kernel-memory or file-descriptors exhaustion (denial of service). |
| Martin Prpič | 2016-05-09 14:25:24 UTC | Doc Text | A resource-exhaustion vulnerability was found in the kernel, where an unprivileged process could allocate and accumulate far more file descriptors than the process' limit. A local, unauthenticated user could exploit this flaw by sending file descriptors over a Unix socket and then closing them to keep the process' fd count low, thereby creating kernel-memory or file-descriptors exhaustion (denial of service). | It was found that the Linux kernel did not properly account file descriptors passed over the unix socket against the process limit. A local user could use this flaw to exhaust all available memory on the system. |
| Norman Sardella | 2016-07-25 14:03:27 UTC | CC | sardella | |
| John Skeoch | 2016-10-04 04:20:18 UTC | CC | pholasek | |
| PnT Account Manager | 2018-02-07 23:10:32 UTC | CC | agordeev | |
| PnT Account Manager | 2018-07-19 06:13:58 UTC | CC | mguzik | |
| PnT Account Manager | 2018-08-28 22:01:55 UTC | CC | lwang | |
| Eric Sammons | 2019-02-08 14:55:14 UTC | CC | esammons | |
| PnT Account Manager | 2019-05-02 21:50:57 UTC | CC | anemec | |
| Product Security DevOps Team | 2019-06-08 02:47:22 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:47:22 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:41:49 UTC | Whiteboard | impact=moderate,public=20160119,reported=20160111,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cwe=CWE-400,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
Back to bug 1297813