Back to bug 1313686
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-03-02 08:41:46 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-03-02 08:41:46 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-03-02 08:45:13 UTC | Blocks | 1313687 | |
| Prasad Pandit | 2016-04-12 10:55:36 UTC | CC | prasad | |
| Prasad Pandit | 2016-04-13 17:57:35 UTC | Whiteboard | impact=low,public=no,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=new,rhel-5/xen=new,rhel-6/qemu-kvm=new,rhel-6/qemu-kvm-rhev=new,rhel-7/qemu-kvm=new,rhel-7/qemu-kvm-rhev=new,openstack-5/qemu-kvm-rhev=new,openstack-6/qemu-kvm-rhev=new,openstack-7/qemu-kvm-rhev=new,openstack-8/qemu-kvm-rhev=new,rhev-m-3/qemu-kvm-rhev=new,fedora-all/qemu=affected,fedora-all/xen=affected | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected |
| Prasad Pandit | 2016-04-13 18:02:54 UTC | Summary | EMBARGOED qemu-kvm: Leakage of stack memory to guest in kvmvapic.c | qemu-kvm: Leakage of stack memory to guest in kvmvapic.c |
| Prasad Pandit | 2016-04-13 18:03:06 UTC | Group | security, qe_staff | |
| Prasad Pandit | 2016-04-13 18:03:23 UTC | Depends On | 1326904 | |
| Prasad Pandit | 2016-04-13 18:05:55 UTC | Summary | qemu-kvm: Leakage of stack memory to guest in kvmvapic.c | Qemu: i386: leakage of stack memory to guest in kvmvapic.c |
| Prasad Pandit | 2016-04-14 16:04:02 UTC | Alias | CVE-2016-4020 | |
| Prasad Pandit | 2016-04-14 16:04:16 UTC | Summary | Qemu: i386: leakage of stack memory to guest in kvmvapic.c | CVE-2016-4020 Qemu: i386: leakage of stack memory to guest in kvmvapic.c |
| Salvatore Bonaccorso | 2016-04-15 04:47:53 UTC | CC | carnil | |
| John Skeoch | 2016-04-18 07:54:04 UTC | CC | yeylon | srevivo |
| Perry Myers | 2016-04-19 00:44:52 UTC | CC | pmyers | |
| Garth Mollett | 2016-04-19 06:11:13 UTC | Whiteboard | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=defer,rhel-7/qemu-kvm-rhev=defer,openstack-5/qemu-kvm-rhev=defer,openstack-6/qemu-kvm-rhev=defer,openstack-7/qemu-kvm-rhev=defer,openstack-8/qemu-kvm-rhev=defer,fedora-all/qemu=affected,fedora-all/xen=notaffected |
| Prasad Pandit | 2016-05-13 07:24:30 UTC | Whiteboard | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=defer,rhel-7/qemu-kvm-rhev=defer,openstack-5/qemu-kvm-rhev=defer,openstack-6/qemu-kvm-rhev=defer,openstack-7/qemu-kvm-rhev=defer,openstack-8/qemu-kvm-rhev=defer,fedora-all/qemu=affected,fedora-all/xen=notaffected | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected |
| Prasad Pandit | 2016-05-13 07:25:16 UTC | Depends On | 1335751 | |
| Prasad Pandit | 2016-05-13 07:25:28 UTC | Depends On | 1335752 | |
| Prasad Pandit | 2016-05-13 07:25:43 UTC | Depends On | 1335753 | |
| Prasad Pandit | 2016-05-13 07:26:01 UTC | Depends On | 1335754 | |
| Prasad Pandit | 2016-05-13 07:26:22 UTC | Depends On | 1335755 | |
| Prasad Pandit | 2016-05-13 07:26:39 UTC | Depends On | 1335756 | |
| Prasad Pandit | 2016-05-13 07:29:56 UTC | Doc Text | Qemu emulator built with the Task Priority Register(TPR) optimizations for 32-bit Windows guests, is vulnerable to a information leakage issue. It could occur while accessing Task Priority Register(TPR). A privileged user/process inside guest could use this issue to leak host memory bytes. | |
| Jeff Nelson | 2016-09-17 16:45:25 UTC | Flags | needinfo?(prasad) | |
| Prasad Pandit | 2016-09-19 10:32:35 UTC | Flags | needinfo?(prasad) | |
| Summer Long | 2016-09-27 04:43:48 UTC | Depends On | 1378649 | |
| Summer Long | 2016-09-27 04:45:25 UTC | Depends On | 1378650 | |
| Summer Long | 2016-09-27 04:46:08 UTC | Depends On | 1378651 | |
| Summer Long | 2016-09-27 04:47:01 UTC | Depends On | 1378652 | |
| Summer Long | 2016-09-27 04:47:49 UTC | Depends On | 1378653 | |
| Summer Long | 2016-09-27 04:48:46 UTC | Depends On | 1378654 | |
| Summer Long | 2016-09-27 04:53:11 UTC | CC | slong | |
| Doc Text | Qemu emulator built with the Task Priority Register(TPR) optimizations for 32-bit Windows guests, is vulnerable to a information leakage issue. It could occur while accessing Task Priority Register(TPR). A privileged user/process inside guest could use this issue to leak host memory bytes. | An information-exposure flaw was found in the QEMU emulator built with Task Priority Register(TPR) optimizations for 32-bit Windows guests. The flaw could occur while accessing the Task Priority Register(TPR). A privileged user or process inside the guest could use this issue to leak host memory bytes. | ||
| Summer Long | 2016-09-30 03:31:44 UTC | Blocks | 1377819 | |
| Summer Long | 2016-10-05 04:13:29 UTC | Depends On | 1378653 | |
| Summer Long | 2016-10-05 04:18:12 UTC | Depends On | 1378651 | |
| Summer Long | 2016-10-05 04:19:30 UTC | Depends On | 1378652 | |
| Summer Long | 2016-10-05 04:20:00 UTC | Depends On | 1378654 | |
| Summer Long | 2016-10-05 04:20:07 UTC | Depends On | 1378650 | |
| Summer Long | 2016-10-05 04:20:15 UTC | Depends On | 1378649 | |
| Summer Long | 2016-10-05 04:27:47 UTC | Whiteboard | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-9/qemu-kvm-rhev=affected |
| Summer Long | 2016-10-05 04:28:04 UTC | CC | cvsbot-xmlrpc, kbasil, virt-maint | |
| Summer Long | 2016-10-05 04:28:22 UTC | Depends On | 1381794 | |
| Garth Mollett | 2017-07-04 02:17:31 UTC | CC | jjoyce | |
| Whiteboard | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-9/qemu-kvm-rhev=affected | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-9/qemu-kvm-rhev=affected | ||
| Garth Mollett | 2017-07-27 08:12:56 UTC | Whiteboard | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-9/qemu-kvm-rhev=affected | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,openstack-12/qemu-kvm-rhev=notaffected |
| Garth Mollett | 2017-07-27 08:22:40 UTC | Depends On | 1475714, 1475713 | |
| Tomas Hoger | 2017-07-28 11:26:32 UTC | Doc Text | An information-exposure flaw was found in the QEMU emulator built with Task Priority Register(TPR) optimizations for 32-bit Windows guests. The flaw could occur while accessing the Task Priority Register(TPR). A privileged user or process inside the guest could use this issue to leak host memory bytes. | An information exposure flaw was found in Quick Emulator (QEMU) in Task Priority Register (TPR) optimizations for 32-bit Windows guests. The flaw could occur while accessing TPR. A privileged user inside a guest could use this issue to read portions of the host memory. |
| Prasad Pandit | 2017-07-29 09:02:39 UTC | Whiteboard | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,openstack-12/qemu-kvm-rhev=notaffected | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,cvss3=3.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,openstack-12/qemu-kvm-rhev=notaffected |
| Prasad Pandit | 2017-07-29 09:05:29 UTC | Whiteboard | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-200,cvss3=3.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,openstack-12/qemu-kvm-rhev=notaffected | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,openstack-12/qemu-kvm-rhev=notaffected |
| Adam Young | 2017-07-29 21:43:46 UTC | CC | ayoung | |
| Summer Long | 2017-08-01 00:13:14 UTC | Doc Text | An information exposure flaw was found in Quick Emulator (QEMU) in Task Priority Register (TPR) optimizations for 32-bit Windows guests. The flaw could occur while accessing TPR. A privileged user inside a guest could use this issue to read portions of the host memory. | An information-exposure flaw was found in Quick Emulator (QEMU) in Task Priority Register (TPR) optimizations for 32-bit Windows guests. The flaw could occur while accessing TPR. A privileged user inside a guest could use this issue to read portions of the host memory. |
| Scott Herold | 2017-09-12 15:39:31 UTC | CC | sherold | |
| PnT Account Manager | 2018-01-30 23:56:25 UTC | CC | aortega | |
| PnT Account Manager | 2018-07-18 14:50:02 UTC | CC | rbalakri | |
| PnT Account Manager | 2018-11-05 22:43:15 UTC | CC | ylavi | |
| Gil Klein | 2019-04-14 12:41:55 UTC | CC | gklein | |
| Product Security DevOps Team | 2019-06-08 02:49:13 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:49:13 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:45:06 UTC | Whiteboard | impact=low,public=20160407,reported=20160302,source=researcher,cvss2=2.9/AV:A/AC:M/Au:N/C:P/I:N/A:N,cvss3=3.4/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N,cwe=CWE-200,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,openstack-12/qemu-kvm-rhev=notaffected |
Back to bug 1313686