Back to bug 1303106
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-01-29 15:04:33 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-29 15:04:33 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-01-29 15:07:45 UTC | Blocks | 1303107 | |
| Prasad Pandit | 2016-02-02 17:58:01 UTC | Comment 1 is private | 1 | 0 |
| CC | prasad | |||
| Doc Text | Qemu emulator built with the NE2000 NIC emulation support is vulnerable to an infinite loop issue. It could occur when receiving packets over the network. A privileged user inside guest could use this flaw to crash the Qemu instance resulting in DoS. | |||
| Whiteboard | impact=moderate,public=no,reported=20160129,source=researcher,cvss2=5.2/AV:A/AC:M/Au:S/C:N/I:N/A:C,cwe=CWE-835,rhel-5/kvm=new,rhel-5/xen=new,rhel-6/qemu-kvm=new,rhel-6/qemu-kvm-rhev=new,rhel-7/qemu-kvm=new,rhel-7/qemu-kvm-rhev=new | impact=low,public=20160202,reported=20160129,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-835,rhel-5/kvm=wontfix,rhel-5/xen=wontfix,rhel-6/qemu-kvm=wontfix,rhel-6/qemu-kvm-rhev=wontfix,rhel-7/qemu-kvm=wontfix | ||
| Whiteboard | ,openstack-5/qemu-kvm-rhev=new,openstack-6/qemu-kvm-rhev=new,openstack-7/qemu-kvm-rhev=new,openstack-8/qemu-kvm-rhev=new,rhev-m-3/qemu-kvm-rhev=new,fedora-all/qemu=affected,fedora-all/xen=affected | ,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=affected | ||
| Prasad Pandit | 2016-02-02 18:02:35 UTC | Summary | EMBARGOED qemu: Infinite loop in ne2000_receive | EMBARGOED Qemu: net: ne2000: infinite loop in ne2000_receive |
| Prasad Pandit | 2016-02-02 18:03:47 UTC | Summary | EMBARGOED Qemu: net: ne2000: infinite loop in ne2000_receive | Qemu: net: ne2000: infinite loop in ne2000_receive |
| Prasad Pandit | 2016-02-02 18:03:59 UTC | Group | security, qe_staff | |
| Prasad Pandit | 2016-02-02 18:04:17 UTC | Depends On | 1304047 | |
| Prasad Pandit | 2016-02-02 18:04:39 UTC | Depends On | 1304048 | |
| Prasad Pandit | 2016-02-03 16:30:35 UTC | Priority | medium | low |
| Severity | medium | low | ||
| Prasad Pandit | 2016-03-03 04:44:49 UTC | Alias | CVE-2016-2841 | |
| Prasad Pandit | 2016-03-03 04:45:00 UTC | Summary | Qemu: net: ne2000: infinite loop in ne2000_receive | CVE-2016-2841 Qemu: net: ne2000: infinite loop in ne2000_receive |
| Summer Long | 2016-03-13 23:42:03 UTC | CC | slong | |
| Doc Text | Qemu emulator built with the NE2000 NIC emulation support is vulnerable to an infinite loop issue. It could occur when receiving packets over the network. A privileged user inside guest could use this flaw to crash the Qemu instance resulting in DoS. | An infinite-loop flaw was found in the QEMU emulator built with NE2000 NIC emulation support. The flaw could occur when receiving packets over the network. A privileged user inside a guest could exploit this flaw to crash the QEMU instance (denial of service). | ||
| John Skeoch | 2016-04-18 07:33:52 UTC | CC | yeylon | srevivo |
| Perry Myers | 2016-04-19 00:39:24 UTC | CC | pmyers | |
| Garth Mollett | 2017-07-31 23:01:44 UTC | CC | cvsbot-xmlrpc, jjoyce, kbasil, virt-maint | |
| Whiteboard | impact=low,public=20160202,reported=20160129,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-835,rhel-5/kvm=wontfix,rhel-5/xen=wontfix,rhel-6/qemu-kvm=wontfix,rhel-6/qemu-kvm-rhev=wontfix,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=affected | impact=low,public=20160202,reported=20160129,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-835,rhel-5/kvm=wontfix,rhel-5/xen=wontfix,rhel-6/qemu-kvm=wontfix,rhel-6/qemu-kvm-rhev=wontfix,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=notaffected,openstack-6/qemu-kvm-rhev=notaffected,openstack-7/qemu-kvm-rhev=notaffected,openstack-8/qemu-kvm-rhev=notaffected,fedora-all/qemu=affected,fedora-all/xen=affected | ||
| Scott Herold | 2017-09-12 15:30:01 UTC | CC | sherold | |
| PnT Account Manager | 2018-01-30 23:55:36 UTC | CC | aortega | |
| PnT Account Manager | 2018-07-18 14:48:35 UTC | CC | rbalakri | |
| PnT Account Manager | 2018-11-05 22:42:22 UTC | CC | ylavi | |
| Gil Klein | 2019-04-14 12:58:48 UTC | CC | gklein | |
| Product Security DevOps Team | 2019-06-08 02:48:01 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2019-06-08 02:48:01 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:43:28 UTC | Whiteboard | impact=low,public=20160202,reported=20160129,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cwe=CWE-835,rhel-5/kvm=wontfix,rhel-5/xen=wontfix,rhel-6/qemu-kvm=wontfix,rhel-6/qemu-kvm-rhev=wontfix,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=notaffected,openstack-6/qemu-kvm-rhev=notaffected,openstack-7/qemu-kvm-rhev=notaffected,openstack-8/qemu-kvm-rhev=notaffected,fedora-all/qemu=affected,fedora-all/xen=affected | |
| Ondrej Soukup | 2021-06-01 15:21:53 UTC | CC | osoukup |
Back to bug 1303106