Back to bug 1327484

Who When What Removed Added
Adam Mariš 2016-04-15 08:35:13 UTC CC security-response-team
Red Hat Bugzilla 2016-04-15 08:35:13 UTC Doc Type --- Bug Fix
Adam Mariš 2016-04-15 08:37:07 UTC Blocks 1327486
Wade Mealing 2016-04-15 10:10:28 UTC CC wmealing
Assignee security-response-team wmealing
Tomas Hoger 2016-04-15 10:56:15 UTC Assignee wmealing security-response-team
Martin Prpič 2016-04-27 08:06:57 UTC Alias CVE-2016-3707
Martin Prpič 2016-04-27 08:07:05 UTC Summary EMBARGOED kernel-rt: Sending SysRq command via ICMP echo request EMBARGOED CVE-2016-3707 kernel-rt: Sending SysRq command via ICMP echo request
Wade Mealing 2016-04-28 05:20:59 UTC Whiteboard impact=moderate,public=no,reported=20160414,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=new impact=moderate,public=no,reported=20160414,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=notaffected,fedora-all/kernel=notaffected
Wade Mealing 2016-04-28 05:21:22 UTC Depends On 1331240
Wade Mealing 2016-04-28 05:21:28 UTC Depends On 1331241
Wade Mealing 2016-04-28 05:21:37 UTC Depends On 1331242
Wade Mealing 2016-04-29 13:06:57 UTC Whiteboard impact=moderate,public=no,reported=20160414,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=notaffected,fedora-all/kernel=notaffected impact=moderate,public=no,reported=20160414,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-4/kernel=notaffected,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/kernel-biscayne=notaffected,fedora-all/kernel=notaffected
Wade Mealing 2016-05-03 04:48:06 UTC Comment 3 is private 1 0
Wade Mealing 2016-05-17 00:16:47 UTC Whiteboard impact=moderate,public=no,reported=20160414,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-4/kernel=notaffected,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/kernel-biscayne=notaffected,fedora-all/kernel=notaffected impact=moderate,public=20160517,reported=20160414,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-4/kernel=notaffected,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/kernel-biscayne=notaffected,fedora-all/kernel=notaffected
Wade Mealing 2016-05-17 00:22:32 UTC Summary EMBARGOED CVE-2016-3707 kernel-rt: Sending SysRq command via ICMP echo request CVE-2016-3707 kernel-rt: Sending SysRq command via ICMP echo request
Wade Mealing 2016-05-17 00:22:39 UTC Group security, qe_staff
Wade Mealing 2016-05-17 01:30:11 UTC Doc Text Instructions for setting up the environment is:

https://lwn.net/Articles/448790/

and

http://seclists.org/oss-sec/2016/q2/349

There is no exploit payload, other than the information
that is already public.
Wade Mealing 2016-05-18 03:45:09 UTC Doc Text Instructions for setting up the environment is:

https://lwn.net/Articles/448790/

and

http://seclists.org/oss-sec/2016/q2/349

There is no exploit payload, other than the information
that is already public. 		A flaw was found in the kernel-rt in which an attacker could submit a specially crafted ICMP echo request which can trigger a sysrq function based on values in the ICMP packet. This feature is not enabled by default and requries elevated priveledges to configure. An attacker could use this to reboot a system across a network.
Wade Mealing 2016-05-18 03:50:04 UTC Whiteboard impact=moderate,public=20160517,reported=20160414,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,rhel-4/kernel=notaffected,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/kernel-biscayne=notaffected,fedora-all/kernel=notaffected impact=moderate,public=20160517,reported=20160414,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,cwe=cwe=CWE-312-,rhel-4/kernel=notaffected,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/kernel-biscayne=notaffected,fedora-all/kernel=notaffected
Wade Mealing 2016-05-18 03:52:27 UTC Whiteboard impact=moderate,public=20160517,reported=20160414,source=redhat,cvss2=5.1/AV:N/AC:H/Au:N/C:P/I:P/A:P,cwe=cwe=CWE-312-,rhel-4/kernel=notaffected,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/kernel-biscayne=notaffected,fedora-all/kernel=notaffected impact=moderate,public=20160517,reported=20160414,source=redhat,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cwe=cwe,rhel-4/kernel=notaffected,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/kernel-biscayne=notaffected,fedora-all/kernel=notaffected
Eric Christensen 2016-06-01 16:31:07 UTC CC sparks
Doc Text A flaw was found in the kernel-rt in which an attacker could submit a specially crafted ICMP echo request which can trigger a sysrq function based on values in the ICMP packet. This feature is not enabled by default and requries elevated priveledges to configure. An attacker could use this to reboot a system across a network. A flaw was found in the kernel-rt in which an attacker could submit a specially crafted ICMP echo request which can trigger a sysrq function based on values in the ICMP packet. This feature is not enabled by default and requires elevated privileges to configure. An attacker could use this to reboot a system across a network.
Eric Christensen 2016-06-07 22:15:06 UTC CC sparks
Martin Prpič 2016-06-16 13:26:46 UTC Doc Text A flaw was found in the kernel-rt in which an attacker could submit a specially crafted ICMP echo request which can trigger a sysrq function based on values in the ICMP packet. This feature is not enabled by default and requires elevated privileges to configure. An attacker could use this to reboot a system across a network. A flaw was found in the way the realtime kernel processed specially crafted ICMP echo requests. A remote attacker could use this flaw to trigger a sysrql function based on values in the ICMP packet, allowing them to remotely restart the system. Note that this feature is not enabled by default and requires elevated privileges to be configured.
Vladis Dronov 2016-06-24 11:02:00 UTC Status NEW CLOSED
CC vdronov
Resolution --- ERRATA
Last Closed 2016-06-24 07:02:00 UTC
Andrej Nemec 2016-07-11 13:58:19 UTC CC anemec
Whiteboard impact=moderate,public=20160517,reported=20160414,source=redhat,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cwe=cwe,rhel-4/kernel=notaffected,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/kernel-biscayne=notaffected,fedora-all/kernel=notaffected impact=moderate,public=20160517,reported=20160414,source=redhat,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cwe=CWE-312,rhel-4/kernel=notaffected,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/kernel-biscayne=notaffected,fedora-all/kernel=notaffected
Product Security DevOps Team 2019-09-29 13:47:33 UTC Whiteboard impact=moderate,public=20160517,reported=20160414,source=redhat,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cwe=CWE-312,rhel-4/kernel=notaffected,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=notaffected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/kernel-biscayne=notaffected,fedora-all/kernel=notaffected

Back to bug 1327484