Back to bug 1302057

Who When What Removed Added
Adam Mariš 2016-01-26 16:35:01 UTC CC security-response-team
Red Hat Bugzilla 2016-01-26 16:35:01 UTC Doc Type --- Bug Fix
Adam Mariš 2016-01-26 16:43:53 UTC Blocks 1302060
Prasad Pandit 2016-01-29 06:23:44 UTC CC prasad
Doc Text Qemu emulator built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure(FIS) & Command List Block(CLB) entries. A privileged user inside guest could use this flaw to crash the Qemu process instance resulting in DoS.
Whiteboard impact=moderate,public=no,reported=20160126,source=researcher,cvss2=5.2/AV:A/AC:M/Au:S/C:N/I:N/A:C,cwe=CWE-476,rhel-5/kvm=new,rhel-5/xen=new,rhel-6/qemu-kvm=new,rhel-6/qemu-kvm-rhev=new,rhel-7/qemu-kvm=new,rhel-7/qemu-kvm-rhev=new,openstack-5/qemu-kvm-rhev=new,openstack-6/qemu-kvm-rhev=new,openstack-7/qemu-kvm-rhev=new,openstack-8/qemu-kvm-rhev=new,rhev-m-3/qemu-kvm-rhev=new,fedora-all/qemu=affected,fedora-all/xen=affected impact=low,public=20160128,reported=20160126,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-476,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected
Prasad Pandit 2016-01-29 06:30:24 UTC Summary EMBARGOED qemu: Null pointer dereference in ahci qemu: Null pointer dereference in ahci
Prasad Pandit 2016-01-29 06:30:34 UTC Group security, qe_staff
Prasad Pandit 2016-01-29 06:31:03 UTC Depends On 1302952
Prasad Pandit 2016-01-29 06:32:41 UTC Summary qemu: Null pointer dereference in ahci Qemu: ide: ahci null pointer dereference when using FIS CLB engines
Prasad Pandit 2016-02-01 04:38:45 UTC Alias CVE-2016-2197
Prasad Pandit 2016-02-01 04:38:59 UTC Summary Qemu: ide: ahci null pointer dereference when using FIS CLB engines CVE-2016-2197 Qemu: ide: ahci null pointer dereference when using FIS CLB engines
Martin Prpič 2016-02-01 09:00:57 UTC Priority medium low
Severity medium low
Summer Long 2016-03-13 23:25:22 UTC CC slong
Doc Text Qemu emulator built with an IDE AHCI emulation support is vulnerable to a null pointer dereference flaw. It occurs while unmapping the Frame Information Structure(FIS) & Command List Block(CLB) entries. A privileged user inside guest could use this flaw to crash the Qemu process instance resulting in DoS. A NULL pointer dereference flaw was found in the QEMU emulator built with IDE AHCI emulation support. The flaw occurs when unmapping the Frame Information Structure(FIS) & Command List Block(CLB) entries. A privileged user inside a guest could use this flaw to crash the QEMU process instance (denial of service).
John Skeoch 2016-04-18 07:49:28 UTC CC yeylon srevivo
Perry Myers 2016-04-19 01:06:16 UTC CC pmyers
Scott Herold 2017-09-12 15:36:21 UTC CC sherold
PnT Account Manager 2018-01-30 23:55:20 UTC CC aortega
PnT Account Manager 2018-07-18 14:48:11 UTC CC rbalakri
PnT Account Manager 2018-11-05 22:42:07 UTC CC ylavi
Gil Klein 2019-04-14 12:34:44 UTC CC gklein
Product Security DevOps Team 2019-06-08 02:47:54 UTC Status NEW CLOSED
Resolution --- WONTFIX
Last Closed 2019-06-08 02:47:54 UTC
Product Security DevOps Team 2019-09-29 13:43:28 UTC Whiteboard impact=low,public=20160128,reported=20160126,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-476,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected

Back to bug 1302057