Back to bug 1300237
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-01-20 10:25:59 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-20 10:25:59 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-01-20 11:26:37 UTC | Blocks | 1300260 | |
| Wade Mealing | 2016-01-22 08:02:33 UTC | CC | wmealing | |
| Wade Mealing | 2016-01-22 09:01:59 UTC | Whiteboard | impact=moderate,public=no,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | impact=moderate,public=no,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Wade Mealing | 2016-01-22 09:53:43 UTC | Comment 3 is private | 1 | 0 |
| Wade Mealing | 2016-01-22 10:05:16 UTC | Whiteboard | impact=moderate,public=no,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=moderate,public=no,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Wade Mealing | 2016-01-22 10:06:05 UTC | Doc Text | An issue with ASN1.1 DER decoder was reported that a specially created key file could lead to memory corruptions, possible privilege escalation, or complete local denial of service via x509 certificate DER files by triggering BUG_ON() in public_key_verify_signature() in crypto/asymmetric_keys/public_key.c causes a kernel panic and crash the sytem. | |
| Wade Mealing | 2016-01-25 06:15:23 UTC | Whiteboard | impact=moderate,public=no,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=moderate,public=20160125,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Wade Mealing | 2016-01-25 06:16:53 UTC | Whiteboard | impact=moderate,public=20160125,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=moderate,public=20160125,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=affected,fedora-all/kernel=wontfix |
| Wade Mealing | 2016-01-25 06:24:04 UTC | Summary | EMBARGOED kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature() | kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature() |
| Wade Mealing | 2016-01-25 06:24:12 UTC | Group | security, qe_staff | |
| Andrej Nemec | 2016-01-25 08:03:20 UTC | Alias | CVE-2016-2053 | |
| Andrej Nemec | 2016-01-25 08:03:33 UTC | Summary | kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature() | CVE-2016-2053 kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature() |
| Christoph Löhr | 2016-01-26 10:23:26 UTC | CC | loehr | |
| Wade Mealing | 2016-01-27 00:44:52 UTC | Whiteboard | impact=moderate,public=20160125,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=affected,fedora-all/kernel=wontfix | impact=moderate,public=20160125,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Wade Mealing | 2016-01-27 00:45:43 UTC | Depends On | 1302162 | |
| Wade Mealing | 2016-01-27 00:45:46 UTC | Depends On | 1302163 | |
| Slawomir Czarko | 2016-01-27 09:24:44 UTC | CC | slawomir | |
| David Howells | 2016-01-27 14:36:43 UTC | CC | dhowells | |
| Wade Mealing | 2016-01-28 06:36:00 UTC | Flags | needinfo?(dhowells) | |
| Wade Mealing | 2016-01-29 02:00:53 UTC | Flags | needinfo?(dhowells) | |
| Wade Mealing | 2016-02-01 02:00:32 UTC | Doc Text | An issue with ASN1.1 DER decoder was reported that a specially created key file could lead to memory corruptions, possible privilege escalation, or complete local denial of service via x509 certificate DER files by triggering BUG_ON() in public_key_verify_signature() in crypto/asymmetric_keys/public_key.c causes a kernel panic and crash the sytem. | An issue with ASN1.1 DER decoder was reported that a specially created key file could lead to memory corruptions, possible privilege escalation, or complete local denial of service via x509 certificate DER files by triggering BUG_ON() in public_key_verify_signature() in crypto/asymmetric_keys/public_key.c causes a kernel panic and crash the system. |
| Wade Mealing | 2016-02-01 02:31:01 UTC | Whiteboard | impact=moderate,public=20160125,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=moderate,public=20160125,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=affected,fedora-all/kernel=notaffected |
| Adam Mariš | 2016-02-02 15:43:17 UTC | Depends On | 1303981 | |
| Wade Mealing | 2016-02-03 04:07:33 UTC | Doc Text | An issue with ASN1.1 DER decoder was reported that a specially created key file could lead to memory corruptions, possible privilege escalation, or complete local denial of service via x509 certificate DER files by triggering BUG_ON() in public_key_verify_signature() in crypto/asymmetric_keys/public_key.c causes a kernel panic and crash the system. | An issue with ASN1.1 DER decoder was reported that a specially created key file could lead to memory corruptions or complete local denial of service via x509 certificate DER files by triggering BUG_ON() in public_key_verify_signature() in crypto/asymmetric_keys/public_key.c causes a kernel panic and crash the system. |
| Summer Long | 2016-02-15 01:30:52 UTC | CC | slong | |
| Doc Text | An issue with ASN1.1 DER decoder was reported that a specially created key file could lead to memory corruptions or complete local denial of service via x509 certificate DER files by triggering BUG_ON() in public_key_verify_signature() in crypto/asymmetric_keys/public_key.c causes a kernel panic and crash the system. | A syntax vulnerability was discovered in the kernel's ASN1.1 DER decoder, which could lead to memory corruption or a complete local denial of service through x509 certificate DER files. A local system user could use a specially created key file to trigger BUG_ON() in the public_key_verify_signature() function (crypto/asymmetric_keys/public_key.c), to cause a kernel panic and crash the system. | ||
| David Howells | 2016-02-18 16:51:42 UTC | Depends On | 1250405 | |
| John Skeoch | 2016-10-04 04:20:53 UTC | CC | pholasek | |
| Adam Mariš | 2017-03-01 20:38:29 UTC | Whiteboard | impact=moderate,public=20160125,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=affected,fedora-all/kernel=notaffected | impact=moderate,public=20160125,reported=20160120,source=researcher,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=affected,fedora-all/kernel=notaffected |
| PnT Account Manager | 2018-02-07 23:10:40 UTC | CC | agordeev | |
| PnT Account Manager | 2018-07-19 06:14:04 UTC | CC | mguzik | |
| PnT Account Manager | 2018-08-28 22:02:02 UTC | CC | lwang | |
| Eric Sammons | 2019-02-08 15:00:05 UTC | CC | esammons | |
| Product Security DevOps Team | 2019-09-29 13:42:36 UTC | Whiteboard | impact=moderate,public=20160125,reported=20160120,source=researcher,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cwe=CWE-228,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=affected,fedora-all/kernel=notaffected | |
| Joey Boggs | 2020-09-15 18:43:59 UTC | CC | plougher | |
| Red Hat Bugzilla | 2021-03-23 23:39:15 UTC | CC | matt | |
| Red Hat Bugzilla | 2021-05-30 12:33:29 UTC | CC | bhu | |
| Jeff Fearn 🐞 | 2021-06-03 12:08:07 UTC | CC | bhu | |
| Joshua Padman | 2021-10-21 00:49:34 UTC | Resolution | --- | ERRATA |
| Status | NEW | CLOSED | ||
| Last Closed | 2021-10-21 00:49:34 UTC |
Back to bug 1300237