Back to bug 1314676
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Prasad Pandit | 2016-03-04 08:43:44 UTC | Blocks | 1305286 | |
| Prasad Pandit | 2016-03-04 08:44:05 UTC | Depends On | 1314677 | |
| Prasad Pandit | 2016-03-04 08:44:26 UTC | Depends On | 1314678 | |
| Prasad Pandit | 2016-03-04 08:48:12 UTC | Doc Text | Qemu emulator built with the Pseudo Random Number Generator(PRNG) back-end support is vulnerable to an arbitrary stack based allocation and memory corruption via random bytes issue. It could occur when a guest requests for entropy for random number generation. A user/process inside guest could use this flaw to crash the Qemu process resulting in DoS. |
|
| Prasad Pandit | 2016-03-07 05:45:32 UTC | Alias | CVE-2016-2858 | |
| Prasad Pandit | 2016-03-07 05:45:47 UTC | Summary | Qemu: rng-random: arbitrary stack based allocation leading to corruption | CVE-2016-2858 Qemu: rng-random: arbitrary stack based allocation leading to corruption |
| Martin Prpič | 2016-03-15 11:33:55 UTC | Doc Text | Qemu emulator built with the Pseudo Random Number Generator(PRNG) back-end support is vulnerable to an arbitrary stack based allocation and memory corruption via random bytes issue. It could occur when a guest requests for entropy for random number generation. A user/process inside guest could use this flaw to crash the Qemu process resulting in DoS. | |
| John Skeoch | 2016-04-18 07:25:47 UTC | CC | yeylon | srevivo |
| Perry Myers | 2016-04-19 00:41:04 UTC | CC | pmyers | |
| PnT Account Manager | 2018-01-30 23:56:32 UTC | CC | aortega | |
| PnT Account Manager | 2018-07-18 14:50:15 UTC | CC | rbalakri | |
| Product Security DevOps Team | 2019-06-08 02:49:21 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2019-06-08 02:49:21 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:45:06 UTC | Whiteboard | impact=low,public=20160122,reported=20160205,source=redhat,cvss2=4.3/AV:A/AC:M/Au:N/C:N/I:P/A:P,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=wontfix,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=affected |
Back to bug 1314676