Back to bug 1367814
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-08-17 14:29:28 UTC | CC | security-response-team | |
| Adam Mariš | 2016-08-17 14:30:54 UTC | Blocks | 1367816 | |
| Andrej Nemec | 2016-08-26 08:18:45 UTC | Alias | CVE-2015-8953 | |
| Andrej Nemec | 2016-08-26 08:18:57 UTC | Summary | EMBARGOED kernel: overlayfs: Double dentry reference leak in copy-up failure | EMBARGOED CVE-2015-8953 kernel: overlayfs: Double dentry reference leak in copy-up failure |
| Andrej Nemec | 2016-08-26 12:21:22 UTC | CC | anemec | |
| Whiteboard | impact=moderate,public=no,reported=20150908,source=redhat,cvss2=5.4/AV:L/AC:M/Au:N/C:P/I:N/A:C,cvss3=6.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | impact=moderate,public=20160823,reported=20150908,source=redhat,cvss2=5.4/AV:L/AC:M/Au:N/C:P/I:N/A:C,cvss3=6.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | ||
| Andrej Nemec | 2016-08-26 12:21:42 UTC | Summary | EMBARGOED CVE-2015-8953 kernel: overlayfs: Double dentry reference leak in copy-up failure | CVE-2015-8953 kernel: overlayfs: Double dentry reference leak in copy-up failure |
| Andrej Nemec | 2016-08-26 12:21:52 UTC | Group | security, qe_staff | |
| Andrej Nemec | 2016-08-26 12:22:09 UTC | Depends On | 1370467 | |
| Slawomir Czarko | 2016-08-29 07:56:49 UTC | CC | slawomir | |
| Wade Mealing | 2016-09-16 06:09:56 UTC | CC | wmealing | |
| Wade Mealing | 2016-10-04 02:32:23 UTC | Whiteboard | impact=moderate,public=20160823,reported=20150908,source=redhat,cvss2=5.4/AV:L/AC:M/Au:N/C:P/I:N/A:C,cvss3=6.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | impact=moderate,public=20160823,reported=20150908,source=redhat,cvss2=5.4/AV:L/AC:M/Au:N/C:P/I:N/A:C,cvss3=6.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-772,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected |
| Wade Mealing | 2016-10-04 02:35:23 UTC | Whiteboard | impact=moderate,public=20160823,reported=20150908,source=redhat,cvss2=5.4/AV:L/AC:M/Au:N/C:P/I:N/A:C,cvss3=6.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-772,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | impact=moderate,public=20160823,reported=20150908,source=redhat,cvss2=5.4/AV:L/AC:M/Au:N/C:P/I:N/A:C,cvss3=6.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-772,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=notaffected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=notaffected,fedora-all/kernel=affected |
| Wade Mealing | 2016-10-04 02:56:52 UTC | Doc Text | A flaw was found in the Linux kernels implementation of overlayfs. An attacker can leak a file resources in the system by opening a large file with write permissions on a overlay filesystem that is insufficient to deal with the size of the write. When unmounting the underlying device, the system is unable to free an inode and this will consume resources. Repeating this for all available inodes and memory will create a denial of service situation. |
|
| Wade Mealing | 2016-10-04 03:02:55 UTC | Whiteboard | impact=moderate,public=20160823,reported=20150908,source=redhat,cvss2=5.4/AV:L/AC:M/Au:N/C:P/I:N/A:C,cvss3=6.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-772,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=notaffected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=notaffected,fedora-all/kernel=affected | impact=moderate,public=20160823,reported=20150908,source=redhat,cvss2=5.4/AV:L/AC:M/Au:N/C:P/I:N/A:C,cvss3=6.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-772,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=notaffected,fedora-all/kernel=affected |
| John Skeoch | 2016-10-04 04:23:17 UTC | CC | pholasek | |
| Eric Christensen | 2016-10-04 14:10:29 UTC | Doc Text | A flaw was found in the Linux kernels implementation of overlayfs. An attacker can leak a file resources in the system by opening a large file with write permissions on a overlay filesystem that is insufficient to deal with the size of the write. When unmounting the underlying device, the system is unable to free an inode and this will consume resources. Repeating this for all available inodes and memory will create a denial of service situation. | A flaw was found in the Linux kernel's implementation of overlayfs. An attacker can leak file resources in the system by opening a large file with write permissions on a overlay filesystem that is insufficient to deal with the size of the write. When unmounting the underlying device, the system is unable to free an inode and this will consume resources. Repeating this for all available inodes and memory will create a denial of service situation. |
| Wade Mealing | 2016-10-20 07:56:13 UTC | Comment 5 is private | 1 | 0 |
| Vladis Dronov | 2016-11-04 18:31:16 UTC | Comment 4 is private | 1 | 0 |
| CC | vdronov | |||
| Vladis Dronov | 2016-11-04 18:43:44 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2016-11-04 14:43:44 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:55:15 UTC | Whiteboard | impact=moderate,public=20160823,reported=20150908,source=redhat,cvss2=5.4/AV:L/AC:M/Au:N/C:P/I:N/A:C,cvss3=6.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H,cwe=CWE-772,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=notaffected,fedora-all/kernel=affected |
Back to bug 1367814