Back to bug 1302299
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-01-27 12:41:10 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-27 12:41:10 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-01-27 13:24:04 UTC | Blocks | 1302315 | |
| Prasad Pandit | 2016-02-12 17:13:06 UTC | Blocks | 1307095 | |
| Prasad Pandit | 2016-02-12 17:13:54 UTC | Blocks | 1302315 | |
| Prasad Pandit | 2016-02-12 18:13:02 UTC | Priority | medium | low |
| | | CC | prasad | |
| | | Doc Text | Qemu emulator built with the USB Net device emulation support is vulnerable to a NULL pointer dereference issue. It could occur while processing remote NDIS control message packets, when the USB configuration descriptor object is null. A privileged user inside guest could use this flaw to leak host memory bytes to guest or crash the Qemu process instance resulting in DoS. | |
| | | Whiteboard | impact=moderate,public=no,reported=20160127,source=researcher,cvss2=5.2/AV:A/AC:M/Au:S/C:N/I:N/A:C,cwe=CWE-476,rhel-5/kvm=new,rhel-5/xen=new,rhel-6/qemu-kvm=new,rhel-6/qemu-kvm-rhev=new,rhel-7/qemu-kvm=new,rhel-7/qemu-kvm-rhev=new,openstack-5/qemu-kvm-rhev=new,openstack-6/qemu-kvm-rhev=new,openstack-7/qemu-kvm-rhev=new,openstack-8/qemu-kvm-rhev=new,rhev-m-3/qemu-kvm-rhev=new,fedora-all/qemu=affected,fedora-all/xen=affected | impact=low,public=20160211,reported=20160127,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-476,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=affected |
| | | Severity | medium | low |
| Prasad Pandit | 2016-02-12 18:14:46 UTC | Doc Text | Qemu emulator built with the USB Net device emulation support is vulnerable to a NULL pointer dereference issue. It could occur while processing remote NDIS control message packets, when the USB configuration descriptor object is null. A privileged user inside guest could use this flaw to leak host memory bytes to guest or crash the Qemu process instance resulting in DoS. | Qemu emulator built with the USB Net device emulation support is vulnerable to a NULL pointer dereference issue. It could occur while processing remote NDIS control message packets, when the USB configuration descriptor object is null. A privileged user inside guest could use this flaw to crash the Qemu process instance resulting in DoS. |
| Prasad Pandit | 2016-02-12 18:15:55 UTC | Summary | EMBARGOED qemu: Null pointer dereference in usb module | qemu: Null pointer dereference in usb module |
| Prasad Pandit | 2016-02-12 18:16:06 UTC | Group | security, qe_staff | |
| Prasad Pandit | 2016-02-12 18:16:41 UTC | Depends On | 1307115 | |
| Prasad Pandit | 2016-02-12 18:17:00 UTC | Depends On | 1307116 | |
| Prasad Pandit | 2016-02-12 18:18:57 UTC | Summary | qemu: Null pointer dereference in usb module | Qemu: usb: null pointer dereference in remote NDIS control message handling |
| Salvatore Bonaccorso | 2016-02-13 05:27:11 UTC | CC | carnil | |
| Prasad Pandit | 2016-02-16 18:56:10 UTC | Alias | CVE-2016-2392 | |
| Prasad Pandit | 2016-02-16 18:56:24 UTC | Summary | Qemu: usb: null pointer dereference in remote NDIS control message handling | CVE-2016-2392 Qemu: usb: null pointer dereference in remote NDIS control message handling |
| Garth Mollett | 2016-02-17 00:24:45 UTC | Whiteboard | impact=low,public=20160211,reported=20160127,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-476,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=affected | impact=low,public=20160211,reported=20160127,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-476,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=affected |
| Summer Long | 2016-03-13 23:14:04 UTC | CC | slong | |
| | | Doc Text | Qemu emulator built with the USB Net device emulation support is vulnerable to a NULL pointer dereference issue. It could occur while processing remote NDIS control message packets, when the USB configuration descriptor object is null. A privileged user inside guest could use this flaw to crash the Qemu process instance resulting in DoS. | A NULL pointer dereference flaw was found in the QEMU emulator built with USB Net device emulation support. The flaw could occur while processing remote NDIS control message packets, if the USB configuration descriptor object is NULL. A privileged user inside a guest could exploit this flaw to crash the QEMU process instance (denial of service). |
| John Skeoch | 2016-04-18 07:55:06 UTC | CC | yeylon | srevivo |
| Perry Myers | 2016-04-19 00:49:38 UTC | CC | pmyers | |
| Garth Mollett | 2017-07-31 23:11:51 UTC | CC | cvsbot-xmlrpc, jjoyce, kbasil, virt-maint | |
| | | Whiteboard | impact=low,public=20160211,reported=20160127,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-476,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=affected | impact=low,public=20160211,reported=20160127,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-476,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=notaffected,openstack-6/qemu-kvm-rhev=notaffected,openstack-7/qemu-kvm-rhev=notaffected,openstack-8/qemu-kvm-rhev=notaffected,fedora-all/qemu=affected,fedora-all/xen=affected |
| Scott Herold | 2017-09-12 15:29:53 UTC | CC | sherold | |
| PnT Account Manager | 2018-01-30 23:55:30 UTC | CC | aortega | |
| PnT Account Manager | 2018-07-18 14:48:21 UTC | CC | rbalakri | |
| PnT Account Manager | 2018-11-05 22:42:15 UTC | CC | ylavi | |
| Gil Klein | 2019-04-14 12:38:19 UTC | CC | gklein | |
| Product Security DevOps Team | 2019-06-08 02:47:56 UTC | Status | NEW | CLOSED |
| | | Resolution | --- | WONTFIX |
| | | Last Closed | 2019-06-08 02:47:56 UTC | |
| Product Security DevOps Team | 2019-09-29 13:43:28 UTC | Whiteboard | impact=low,public=20160211,reported=20160127,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-476,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-6/qemu-kvm-rhev=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=notaffected,openstack-6/qemu-kvm-rhev=notaffected,openstack-7/qemu-kvm-rhev=notaffected,openstack-8/qemu-kvm-rhev=notaffected,fedora-all/qemu=affected,fedora-all/xen=affected | |
| Ondrej Soukup | 2021-06-01 14:52:16 UTC | CC | osoukup | |