Back to bug 1313428
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Vladis Dronov | 2016-03-01 15:25:58 UTC | Depends On | 1313433 | |
| Vladis Dronov | 2016-03-01 15:41:06 UTC | Whiteboard | impact=moderate,public=20151228,reported=20140310,source=researcher,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cwe=CWE-400,rhel-5/kernel=wontfix,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=notaffected,mrg-2/realtime-kernel=notaffected,rhelsa-7/arm-kernel=notaffected,fedora-all/kernel=affected | impact=moderate,public=20151228,reported=20140310,source=researcher,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cwe=CWE-400,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=notaffected,fedora-all/kernel=affected |
| Vladis Dronov | 2016-03-01 15:44:41 UTC | Blocks | 1313449 | |
| Salvatore Bonaccorso | 2016-03-01 16:15:10 UTC | CC | carnil | |
| Vladis Dronov | 2016-03-02 17:11:14 UTC | Depends On | 1313959 | |
| Vladis Dronov | 2016-03-02 17:11:27 UTC | Depends On | 1313960 | |
| Vladis Dronov | 2016-03-02 17:13:42 UTC | Depends On | 1313962 | |
| Vladis Dronov | 2016-03-02 17:13:51 UTC | Depends On | 1313963 | |
| Vladis Dronov | 2016-03-04 06:54:40 UTC | Depends On | 1074510 | |
| Vladis Dronov | 2016-03-07 09:21:19 UTC | Alias | CVE-2016-2847 | |
| Vladis Dronov | 2016-03-07 09:21:34 UTC | Summary | kernel: pipe: limit the per-user amount of pages allocated in pipes | CVE-2016-2847 kernel: pipe: limit the per-user amount of pages allocated in pipes |
| Slawomir Czarko | 2016-04-29 07:01:49 UTC | CC | slawomir | |
| Vladis Dronov | 2016-06-14 20:55:29 UTC | Doc Text | A security flaw was found that on the Linux systems it is possible for a single process to cause an OOM condition by filling large pipes with data that are never read. A typical process filling 4096 pipes with 1 MB of data will use 4 GB of memory and there can be multiple such processes, up to a per-user-limit. The result is an OOM condition and oom-killer is not able to help much, as the memory for the pipe data is a kernel memory and a memory footprint of offensive processes is small. | |
| John Skeoch | 2016-10-04 04:22:12 UTC | CC | pholasek | |
| Prasad Pandit | 2016-12-12 06:57:22 UTC | CC | prasad | |
| Prasad Pandit | 2016-12-12 06:57:48 UTC | Depends On | 1371573 | |
| Eric Christensen | 2017-01-26 20:29:02 UTC | Doc Text | A security flaw was found that on the Linux systems it is possible for a single process to cause an OOM condition by filling large pipes with data that are never read. A typical process filling 4096 pipes with 1 MB of data will use 4 GB of memory and there can be multiple such processes, up to a per-user-limit. The result is an OOM condition and oom-killer is not able to help much, as the memory for the pipe data is a kernel memory and a memory footprint of offensive processes is small. | It is possible for a single process to cause an OOM condition by filling large pipes with data that are never read. A typical process filling 4096 pipes with 1 MB of data will use 4 GB of memory and there can be multiple such processes, up to a per-user-limit. |
| Vladis Dronov | 2017-01-31 10:11:36 UTC | Whiteboard | impact=moderate,public=20151228,reported=20140310,source=researcher,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cwe=CWE-400,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=notaffected,fedora-all/kernel=affected | impact=moderate,public=20151228,reported=20140310,source=researcher,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cvss3=5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=notaffected,fedora-all/kernel=affected |
| Vladis Dronov | 2017-02-21 02:38:55 UTC | Depends On | 1425270 | |
| Vladis Dronov | 2017-02-21 02:41:50 UTC | Depends On | 1425270 | |
| Yasuhiro Ozone | 2017-04-07 05:18:15 UTC | CC | yozone | |
| PnT Account Manager | 2018-02-07 23:11:42 UTC | CC | agordeev | |
| PnT Account Manager | 2018-07-19 06:14:51 UTC | CC | mguzik | |
| PnT Account Manager | 2018-08-28 22:02:55 UTC | CC | lwang | |
| Eric Sammons | 2019-02-08 14:55:10 UTC | CC | esammons | |
| Product Security DevOps Team | 2019-06-08 02:49:11 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:49:11 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:45:06 UTC | Whiteboard | impact=moderate,public=20151228,reported=20140310,source=researcher,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cvss3=5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-400,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=notaffected,fedora-all/kernel=affected |
Back to bug 1313428