Back to bug 1318553
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Andrej Nemec | 2016-03-17 08:45:34 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-03-17 08:45:34 UTC | Doc Type | --- | Bug Fix |
| Andrej Nemec | 2016-03-17 08:46:57 UTC | CC | ovs-team | |
| Andrej Nemec | 2016-03-17 08:51:48 UTC | Blocks | 1318555 | |
| Brenton Leanhardt | 2016-03-17 12:15:12 UTC | CC | tdawson | |
| Garth Mollett | 2016-03-18 06:34:24 UTC | Whiteboard | impact=moderate,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-8/openvswitch=affected,openshift-enterprise-3/openvswitch=affected | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-8/openvswitch=affected,openshift-enterprise-3/openvswitch=affected |
| Garth Mollett | 2016-03-18 06:34:32 UTC | Severity | medium | high |
| Garth Mollett | 2016-03-18 06:34:40 UTC | Priority | medium | high |
| Flavio Leitner | 2016-03-18 12:34:40 UTC | CC | jbenc, pmatilai | |
| Flavio Leitner | 2016-03-18 12:36:17 UTC | CC | aconole, cascardo, lrichard, rkhan | |
| Garth Mollett | 2016-03-21 05:10:10 UTC | Depends On | 1319572 | |
| Garth Mollett | 2016-03-21 05:10:24 UTC | Depends On | 1319573 | |
| Garth Mollett | 2016-03-21 05:10:41 UTC | Depends On | 1319574 | |
| Garth Mollett | 2016-03-21 05:10:57 UTC | Depends On | 1319575 | |
| Flavio Leitner | 2016-03-21 20:12:03 UTC | CC | gmollett | |
| | | Flags | needinfo?(gmollett) | |
| Garth Mollett | 2016-03-22 01:04:40 UTC | Whiteboard | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-8/openvswitch=affected,openshift-enterprise-3/openvswitch=affected | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-8/openvswitch=affected,openshift-enterprise-3/openvswitch=affected,rhel-7/openvswitch=affected |
| | | Flags | needinfo?(gmollett) | |
| Garth Mollett | 2016-03-22 01:07:42 UTC | Depends On | 1319965 | |
| Garth Mollett | 2016-03-22 01:07:49 UTC | Depends On | 1319966 | |
| Garth Mollett | 2016-03-22 01:08:42 UTC | Whiteboard | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-8/openvswitch=affected,openshift-enterprise-3/openvswitch=affected,rhel-7/openvswitch=affected | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-8/openvswitch=affected,openshift-enterprise-3/openvswitch=affected |
| Flavio Leitner | 2016-03-22 12:32:51 UTC | Flags | needinfo?(gmollett) | |
| Martin Prpič | 2016-03-22 14:47:09 UTC | Whiteboard | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-8/openvswitch=affected,openshift-enterprise-3/openvswitch=affected | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-8/openvswitch=affected,openshift-enterprise-3/openvswitch=affected,rhel-7/openvswitch-dpdk=affected |
| Martin Prpič | 2016-03-22 14:47:18 UTC | CC | atragler | |
| Martin Prpič | 2016-03-22 14:48:22 UTC | Depends On | 1320201 | |
| Martin Prpič | 2016-03-22 14:48:26 UTC | Depends On | 1320202 | |
| Martin Prpič | 2016-03-22 14:49:20 UTC | Whiteboard | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-8/openvswitch=affected,openshift-enterprise-3/openvswitch=affected,rhel-7/openvswitch-dpdk=affected | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-8/openvswitch=affected,openshift-enterprise-3/openvswitch=affected |
| Garth Mollett | 2016-03-22 15:00:17 UTC | CC | amuller | |
| | | Flags | needinfo?(gmollett) | |
| Garth Mollett | 2016-03-23 01:11:58 UTC | Whiteboard | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-8/openvswitch=affected,openshift-enterprise-3/openvswitch=affected | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-7/openvswitch-dpdk=affected,openstack-8/openvswitch=affected,openstack-8/openvswitch-dpdk=affected,openshift-enterprise-3/openvswitch=affected |
| Garth Mollett | 2016-03-23 01:12:11 UTC | CC | nyechiel | |
| Garth Mollett | 2016-03-23 01:14:32 UTC | Whiteboard | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-7/openvswitch-dpdk=affected,openstack-8/openvswitch=affected,openstack-8/openvswitch-dpdk=affected,openshift-enterprise-3/openvswitch=affected | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5-rhel6/openvswitch=notaffected,openstack-5-rhel7/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-7/openvswitch-dpdk=affected,openstack-8/openvswitch=affected,openstack-8/openvswitch-dpdk=affected,openshift-enterprise-3/openvswitch=affected |
| Garth Mollett | 2016-03-23 02:02:58 UTC | Depends On | 1320362 | |
| Garth Mollett | 2016-03-23 02:03:09 UTC | Depends On | 1320363 | |
| Garth Mollett | 2016-03-23 05:00:18 UTC | Doc Text | A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that will be processed by OVS can trigger the flaw and use the resulting memory corruption to cause a Denial of Service or possibly gain remote code execution. Note: Versions based on 2.2 and 2.3 are believed to be susceptible to RCE while versions based on 2.4 are believed to be limited to DoS and only when running with debug level logging enabled. | |
| Summer Long | 2016-03-23 05:57:13 UTC | CC | slong | |
| | | Doc Text | A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that will be processed by OVS can trigger the flaw and use the resulting memory corruption to cause a Denial of Service or possibly gain remote code execution. Note: Versions based on 2.2 and 2.3 are believed to be susceptible to RCE while versions based on 2.4 are believed to be limited to DoS and only when running with debug level logging enabled. | A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or possibly execute remote code (RCE). Note: Packages based on upstream versions 2.2 and 2.3 are believed to be susceptible to RCE. However, packages based on 2.4 are believed to be limited to DoS; to be susceptible, these must be running with debug-level logging enabled. |
| Summer Long | 2016-03-23 06:00:53 UTC | Doc Text | A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or possibly execute remote code (RCE). Note: Packages based on upstream versions 2.2 and 2.3 are believed to be susceptible to RCE. However, packages based on 2.4 are believed to be limited to DoS; to be susceptible, these must be running with debug-level logging enabled. | A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or possibly execute remote code (RCE). Note: Packages based on upstream versions 2.2 and 2.3 are believed to be susceptible to RCE. However, packages based on 2.4 are believed to be limited to DoS; to be susceptible, 2.4 packages must be running with debug-level logging enabled. |
| Summer Long | 2016-03-23 06:05:56 UTC | Doc Text | A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or possibly execute remote code (RCE). Note: Packages based on upstream versions 2.2 and 2.3 are believed to be susceptible to RCE. However, packages based on 2.4 are believed to be limited to DoS; to be susceptible, 2.4 packages must be running with debug-level logging enabled. | A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or possibly gain remote code execution (RCE). Note: Packages based on upstream versions 2.2 and 2.3 are believed to be susceptible to RCE. However, packages based on 2.4 are believed to be limited to DoS; to be susceptible, 2.4 packages must be running with debug-level logging enabled. |
| Garth Mollett | 2016-03-23 06:12:24 UTC | Whiteboard | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5-rhel6/openvswitch=notaffected,openstack-5-rhel7/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-7/openvswitch-dpdk=affected,openstack-8/openvswitch=affected,openstack-8/openvswitch-dpdk=affected,openshift-enterprise-3/openvswitch=affected | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=7.4/AV:A/AC:M/Au:S/C:C/I:C/A:C,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5-rhel6/openvswitch=notaffected,openstack-5-rhel7/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-7/openvswitch-dpdk=affected,openstack-8/openvswitch=affected,openstack-8/openvswitch-dpdk=affected,openshift-enterprise-3/openvswitch=affected |
| Garth Mollett | 2016-03-23 08:19:22 UTC | Doc Text | A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or possibly gain remote code execution (RCE). Note: Packages based on upstream versions 2.2 and 2.3 are believed to be susceptible to RCE. However, packages based on 2.4 are believed to be limited to DoS; to be susceptible, 2.4 packages must be running with debug-level logging enabled. | A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or possibly gain remote code execution (RCE). |
| Garth Mollett | 2016-03-27 21:17:00 UTC | CC | nlevinki | |
| Martin Prpič | 2016-03-29 08:48:41 UTC | Doc Text | A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or possibly gain remote code execution (RCE). | A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. |
| Andrej Nemec | 2016-03-29 12:32:54 UTC | Summary | EMBARGOED CVE-2016-2074 openvswitch: MPLS buffer overflow vulnerability | CVE-2016-2074 openvswitch: MPLS buffer overflow vulnerability |
| Andrej Nemec | 2016-03-29 12:33:02 UTC | Group | security, qe_staff | |
| Andrej Nemec | 2016-03-29 12:37:29 UTC | Depends On | 1321946 | |
| Flavio Leitner | 2016-03-29 12:43:55 UTC | Depends On | 1297820 | |
| Robin Cernin | 2016-03-29 13:33:59 UTC | CC | rcernin | |
| Salvatore Bonaccorso | 2016-03-29 19:36:00 UTC | CC | carnil | |
| Jeremy | 2016-03-31 19:33:50 UTC | CC | jmelvin | |
| | | Flags | needinfo?(security-response-team) | |
| Garth Mollett | 2016-04-01 01:03:51 UTC | Flags | needinfo?(security-response-team) | |
| Kurt Seifried | 2016-04-01 21:08:53 UTC | Depends On | 1323320 | |
| Kurt Seifried | 2016-04-01 21:08:55 UTC | Depends On | 1323321 | |
| Garth Mollett | 2016-04-10 22:45:35 UTC | Whiteboard | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=7.4/AV:A/AC:M/Au:S/C:C/I:C/A:C,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5-rhel6/openvswitch=notaffected,openstack-5-rhel7/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-7/openvswitch-dpdk=affected,openstack-8/openvswitch=affected,openstack-8/openvswitch-dpdk=affected,openshift-enterprise-3/openvswitch=affected | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=7.4/AV:A/AC:M/Au:S/C:C/I:C/A:C,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5-rhel6/openvswitch=notaffected,openstack-5-rhel7/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-7/openvswitch-dpdk=affected,openstack-8/openvswitch=notaffected,openstack-8/openvswitch-dpdk=notaffected,openshift-enterprise-3/openvswitch=affected |
| John Skeoch | 2016-04-18 07:49:06 UTC | CC | yeylon | srevivo |
| Perry Myers | 2016-04-19 01:25:16 UTC | CC | pmyers | |
| Alan Pevec | 2016-04-28 03:49:57 UTC | Depends On | 1331227 | |
| Flavio Leitner | 2016-08-25 04:22:04 UTC | Depends On | 1358522 | |
| Adam Young | 2017-10-18 18:53:03 UTC | CC | ayoung | |
| PnT Account Manager | 2017-11-07 00:57:34 UTC | CC | cascardo | |
| PnT Account Manager | 2018-01-30 23:57:00 UTC | CC | aortega | |
| PnT Account Manager | 2018-02-07 16:17:41 UTC | CC | lrichard | |
| PnT Account Manager | 2018-06-29 22:07:52 UTC | CC | kseifried | |
| Panu Matilainen | 2018-07-30 08:18:11 UTC | CC | pmatilai | |
| PnT Account Manager | 2019-02-14 14:58:49 UTC | CC | nyechiel | |
| Product Security DevOps Team | 2019-06-08 02:49:47 UTC | Status | NEW | CLOSED |
| | | Resolution | --- | ERRATA |
| | | Last Closed | 2019-06-08 02:49:47 UTC | |
| Product Security DevOps Team | 2019-09-29 13:45:56 UTC | Whiteboard | impact=important,public=20160328,reported=20160316,source=redhat,cvss2=7.4/AV:A/AC:M/Au:S/C:C/I:C/A:C,cwe=CWE-121,fedora-all/openvswitch=affected,openstack-5-rhel6/openvswitch=notaffected,openstack-5-rhel7/openvswitch=affected,openstack-6/openvswitch=affected,openstack-7/openvswitch=affected,openstack-7/openvswitch-dpdk=affected,openstack-8/openvswitch=notaffected,openstack-8/openvswitch-dpdk=notaffected,openshift-enterprise-3/openvswitch=affected | |