Back to bug 1300257
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-01-20 11:15:44 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-20 11:15:44 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-01-20 11:16:21 UTC | Whiteboard | impact=moderate,public=no,reported=20160120,source=reasearcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | impact=moderate,public=no,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected |
| Adam Mariš | 2016-01-20 11:26:26 UTC | Blocks | 1300260 | |
| Wade Mealing | 2016-01-28 08:50:55 UTC | CC | dhowells, wmealing | |
| Wade Mealing | 2016-01-29 05:21:24 UTC | Whiteboard | impact=moderate,public=no,reported=20160120,source=researcher,cvss2=4.6/AV:L/AC:L/Au:S/C:N/I:N/A:C,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | impact=moderate,public=no,reported=20160120,source=researcher,cvss2=7.2/AV:L/AC:L/Au:N/C:C/I:C/A:C,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected |
| Wade Mealing | 2016-01-29 05:21:59 UTC | Whiteboard | impact=moderate,public=no,reported=20160120,source=researcher,cvss2=7.2/AV:L/AC:L/Au:N/C:C/I:C/A:C,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | impact=important,public=no,reported=20160120,source=researcher,cvss2=7.2/AV:L/AC:L/Au:N/C:C/I:C/A:C,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected |
| Wade Mealing | 2016-01-29 05:22:06 UTC | Severity | medium | high |
| Wade Mealing | 2016-01-29 05:22:14 UTC | Priority | medium | high |
| Petr Matousek | 2016-01-29 09:16:37 UTC | CC | pmatouse | |
| Blocks | 1300260 | 1302159 | ||
| Adam Mariš | 2016-01-29 09:20:07 UTC | Summary | EMBARGOED kernel: Tags with indefinite length can corrupt pointers in asn1_find_indefinite_length() causing machine lock up | EMBARGOED CVE-2016-0758 kernel: Tags with indefinite length can corrupt pointers in asn1_find_indefinite_length() causing machine lock up |
| Alias | CVE-2016-0758 | |||
| Adam Mariš | 2016-02-02 15:42:36 UTC | Depends On | 1303981 | |
| Wade Mealing | 2016-02-11 12:03:05 UTC | Whiteboard | impact=important,public=no,reported=20160120,source=researcher,cvss2=7.2/AV:L/AC:L/Au:N/C:C/I:C/A:C,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | impact=important,public=no,reported=20160120,source=researcher,cvss2=7.2/AV:L/AC:L/Au:N/C:C/I:C/A:C,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Wade Mealing | 2016-02-16 07:52:25 UTC | Depends On | 1308814 | |
| Wade Mealing | 2016-02-16 07:52:35 UTC | Depends On | 1308815 | |
| David Howells | 2016-02-18 16:51:42 UTC | Depends On | 1250405 | |
| Wade Mealing | 2016-04-11 11:30:46 UTC | Doc Text | An issue with ASN1.1 DER decoder was reported that could lead to memory corruptions, possible privilege escalation, or complete local denial of service via x509 certificate DER files. | |
| Wade Mealing | 2016-04-11 11:31:04 UTC | Whiteboard | impact=important,public=no,reported=20160120,source=researcher,cvss2=7.2/AV:L/AC:L/Au:N/C:C/I:C/A:C,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=important,public=no,reported=20160120,source=researcher,cvss2=7.2/AV:L/AC:L/Au:N/C:C/I:C/A:C,cwe=CWE-120,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Wade Mealing | 2016-04-11 12:03:05 UTC | Comment 6 is private | 1 | 0 |
| Petr Matousek | 2016-04-11 13:40:02 UTC | Depends On | 1250405 | |
| Petr Matousek | 2016-04-11 13:42:22 UTC | Depends On | 1325957 | |
| Petr Matousek | 2016-04-11 13:42:29 UTC | Depends On | 1325958 | |
| Petr Matousek | 2016-04-11 13:42:38 UTC | Depends On | 1325959 | |
| Petr Matousek | 2016-04-11 13:42:47 UTC | Depends On | 1325960 | |
| Martin Prpič | 2016-04-15 11:16:53 UTC | Summary | EMBARGOED CVE-2016-0758 kernel: Tags with indefinite length can corrupt pointers in asn1_find_indefinite_length() causing machine lock up | EMBARGOED CVE-2016-0758 kernel: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length() |
| Martin Prpič | 2016-05-11 10:29:17 UTC | Doc Text | An issue with ASN1.1 DER decoder was reported that could lead to memory corruptions, possible privilege escalation, or complete local denial of service via x509 certificate DER files. | A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files. A local attacker could use a specially crafted X.509 certificate DER file to escalate their privileges to root. |
| Vladis Dronov | 2016-05-11 10:30:12 UTC | CC | vdronov | |
| Martin Prpič | 2016-05-11 10:48:32 UTC | Doc Text | A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files. A local attacker could use a specially crafted X.509 certificate DER file to escalate their privileges to root. | A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privileges on the system. |
| Wade Mealing | 2016-05-12 06:26:18 UTC | Whiteboard | impact=important,public=no,reported=20160120,source=researcher,cvss2=7.2/AV:L/AC:L/Au:N/C:C/I:C/A:C,cwe=CWE-120,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=important,public=20160512,reported=20160120,source=researcher,cvss2=7.2/AV:L/AC:L/Au:N/C:C/I:C/A:C,cwe=CWE-120,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Petr Matousek | 2016-05-12 07:06:04 UTC | Summary | EMBARGOED CVE-2016-0758 kernel: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length() | CVE-2016-0758 kernel: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length() |
| Petr Matousek | 2016-05-12 07:06:13 UTC | Group | security, qe_staff | |
| Petr Matousek | 2016-05-12 07:06:43 UTC | Depends On | 1335386 | |
| Vladis Dronov | 2016-05-12 10:35:16 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-05-12 06:35:16 UTC | |||
| Salvatore Bonaccorso | 2016-05-12 14:13:02 UTC | CC | carnil | |
| Slawomir Czarko | 2016-05-12 15:53:35 UTC | CC | slawomir | |
| Product Security DevOps Team | 2019-09-29 13:42:36 UTC | Whiteboard | impact=important,public=20160512,reported=20160120,source=researcher,cvss2=7.2/AV:L/AC:L/Au:N/C:C/I:C/A:C,cwe=CWE-120,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | |
| Ondrej Soukup | 2021-06-01 15:02:41 UTC | CC | osoukup |
Back to bug 1300257