Back to bug 1300771
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-01-21 16:51:13 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-21 16:51:13 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-01-21 16:58:41 UTC | Blocks | 1300775 | |
| Prasad Pandit | 2016-03-01 08:11:35 UTC | Priority | medium | low |
| CC | prasad | |||
| Whiteboard | impact=moderate,public=no,reported=20160121,source=researcher,cvss2=3.6/AV:L/AC:L/Au:N/C:P/I:N/A:P,rhel-5/kvm=new,rhel-6/qemu-kvm=new,rhel-6/qemu-kvm-rhev=new,rhel-7/qemu-kvm=new,rhel-7/qemu-kvm-rhev=new,openstack-5/qemu-kvm-rhev=new,openstack-6/qemu-kvm-rhev=new,openstack-7/qemu-kvm-rhev=new,openstack-8/qemu-kvm-rhev=new,rhev-m-3/qemu-kvm-rhev=new,fedora-all/qemu=affected,epel-all/qemu=affected | impact=low,public=20160127,reported=20160121,source=researcher,cvss2=4.0/AV:A/AC:H/Au:S/C:P/I:P/A:P,rhel-5/kvm=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=notaffected,fedora-all/xen=affected | ||
| Severity | medium | low | ||
| Prasad Pandit | 2016-03-01 09:43:08 UTC | Doc Text | Qemu emulator built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS. | |
| Prasad Pandit | 2016-03-01 09:53:12 UTC | Summary | EMBARGOED qemu: Segmentation fault in address_space_rw | qemu: Segmentation fault in address_space_rw |
| Prasad Pandit | 2016-03-01 09:53:22 UTC | Group | security, qe_staff | |
| Prasad Pandit | 2016-03-01 09:54:59 UTC | Depends On | 1313273 | |
| Prasad Pandit | 2016-03-01 10:07:39 UTC | Summary | qemu: Segmentation fault in address_space_rw | Qemu: OOB access in address_space_rw leads to segmentation fault |
| Prasad Pandit | 2016-03-01 10:20:15 UTC | Whiteboard | impact=low,public=20160127,reported=20160121,source=researcher,cvss2=4.0/AV:A/AC:H/Au:S/C:P/I:P/A:P,rhel-5/kvm=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=notaffected,fedora-all/xen=affected | impact=low,public=20160127,reported=20160121,source=researcher,cvss2=4.0/AV:A/AC:H/Au:S/C:P/I:P/A:P,cwe=CWE-787,rhel-5/kvm=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=notaffected,fedora-all/xen=affected |
| Salvatore Bonaccorso | 2016-03-01 16:15:35 UTC | CC | carnil | |
| Prasad Pandit | 2016-03-02 03:37:30 UTC | Alias | CVE-2015-8817, CVE-2015-8818 | |
| Prasad Pandit | 2016-03-02 03:37:41 UTC | Summary | Qemu: OOB access in address_space_rw leads to segmentation fault | CVE-2015-8817 CVE-2015-8818 Qemu: OOB access in address_space_rw leads to segmentation fault |
| Summer Long | 2016-03-13 23:53:43 UTC | CC | slong | |
| Doc Text | Qemu emulator built to use 'address_space_translate' to map an address to a MemoryRegionSection is vulnerable to an OOB r/w access issue. It could occur while doing pci_dma_read/write calls. A privileged user inside guest could use this flaw to crash the guest instance resulting in DoS. | An out-of-bounds flaw was found in the QEMU emulator built using 'address_space_translate' to map an address to a MemoryRegionSection. The flaw could occur while doing pci_dma_read/write calls, resulting in an out-of-bounds read-write access error. A privileged user inside a guest could use this flaw to crash the guest instance (denial of service). | ||
| John Skeoch | 2016-04-18 07:39:20 UTC | CC | yeylon | srevivo |
| Perry Myers | 2016-04-19 00:47:54 UTC | CC | pmyers | |
| Prasad Pandit | 2016-05-13 07:01:16 UTC | Whiteboard | impact=low,public=20160127,reported=20160121,source=researcher,cvss2=4.0/AV:A/AC:H/Au:S/C:P/I:P/A:P,cwe=CWE-787,rhel-5/kvm=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=notaffected,fedora-all/xen=affected | impact=low,public=20160127,reported=20160121,source=researcher,cvss2=4.0/AV:A/AC:H/Au:S/C:P/I:P/A:P,cwe=CWE-787,rhel-5/kvm=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=notaffected,fedora-all/xen=affected |
| Prasad Pandit | 2016-05-13 07:09:16 UTC | Depends On | 1335741 | |
| Prasad Pandit | 2016-05-13 07:14:46 UTC | Depends On | 1335742 | |
| Prasad Pandit | 2016-05-13 07:15:01 UTC | Depends On | 1335743 | |
| Prasad Pandit | 2016-05-13 07:15:26 UTC | Depends On | 1335744 | |
| Prasad Pandit | 2016-05-13 07:15:42 UTC | Depends On | 1335745 | |
| Adam Mariš | 2016-10-19 13:30:06 UTC | Whiteboard | impact=low,public=20160127,reported=20160121,source=researcher,cvss2=4.0/AV:A/AC:H/Au:S/C:P/I:P/A:P,cwe=CWE-787,rhel-5/kvm=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=notaffected,fedora-all/xen=affected | impact=low,public=20160127,reported=20160121,source=researcher,cvss2=4.0/AV:A/AC:H/Au:S/C:P/I:P/A:P,cwe=CWE-787,rhel-5/kvm=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,fedora-all/qemu=notaffected,fedora-all/xen=affected |
| Adam Mariš | 2016-10-19 13:30:19 UTC | CC | cvsbot-xmlrpc, kbasil, virt-maint | |
| Adam Mariš | 2016-10-19 13:32:05 UTC | Depends On | 1386697 | |
| Prasad Pandit | 2016-11-23 11:04:07 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-11-23 06:04:07 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:42:36 UTC | Whiteboard | impact=low,public=20160127,reported=20160121,source=researcher,cvss2=4.0/AV:A/AC:H/Au:S/C:P/I:P/A:P,cwe=CWE-787,rhel-5/kvm=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,fedora-all/qemu=notaffected,fedora-all/xen=affected |
Back to bug 1300771