Back to bug 1373966
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-09-07 14:48:59 UTC | CC | security-response-team | |
| Adam Mariš | 2016-09-07 14:50:05 UTC | Blocks | 1373967 | |
| Vladis Dronov | 2016-09-12 13:09:47 UTC | CC | vdronov | |
| Vladis Dronov | 2016-09-12 13:12:37 UTC | Whiteboard | impact=moderate,public=no,reported=20160906,source=redhat,cvss2=4.7/AV:L/AC:M/Au:N/C:N/I:N/A:C,cvss3=5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-121,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | impact=moderate,public=no,reported=20160906,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cvss3=5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-121,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected |
| Vladis Dronov | 2016-09-12 13:16:02 UTC | Doc Text | It was found that when gcc stack protector is turned on, proc_keys_show() can cause a panic in the Linux kernel due to the stack corruption. This happens because xbuf[] is not big enough to hold a 64-bit timeout value rendered as weeks. | |
| Whiteboard | impact=moderate,public=no,reported=20160906,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cvss3=5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-121,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | impact=moderate,public=no,reported=20160906,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cvss3=5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-121,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | ||
| Vladis Dronov | 2016-09-12 13:25:03 UTC | Depends On | 1375208 | |
| Vladis Dronov | 2016-09-12 13:25:17 UTC | Depends On | 1375209 | |
| Vladis Dronov | 2016-09-12 13:25:31 UTC | Depends On | 1375210 | |
| Vladis Dronov | 2016-09-12 13:25:41 UTC | Depends On | 1375211 | |
| Vladis Dronov | 2016-09-12 13:25:51 UTC | Depends On | 1375212 | |
| Vladis Dronov | 2016-09-12 13:28:51 UTC | Depends On | 1373499 | |
| Doc Type | If docs needed, set a value | Bug Fix | ||
| Vladis Dronov | 2016-09-14 09:58:24 UTC | Alias | CVE-2016-7042 | |
| Vladis Dronov | 2016-09-14 09:58:33 UTC | Summary | EMBARGOED kernel: Stack corruption while reading /proc/keys when gcc stack protector is enabled | EMBARGOED CVE-2016-7042 kernel: Stack corruption while reading /proc/keys when gcc stack protector is enabled |
| John Skeoch | 2016-10-04 04:22:12 UTC | CC | pholasek | |
| Vladis Dronov | 2016-10-13 12:33:41 UTC | Whiteboard | impact=moderate,public=no,reported=20160906,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cvss3=5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-121,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=moderate,public=20161013,reported=20160906,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cvss3=5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-121,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Vladis Dronov | 2016-10-13 12:49:17 UTC | Summary | EMBARGOED CVE-2016-7042 kernel: Stack corruption while reading /proc/keys when gcc stack protector is enabled | CVE-2016-7042 kernel: Stack corruption while reading /proc/keys when gcc stack protector is enabled |
| Vladis Dronov | 2016-10-13 12:49:25 UTC | Group | security, qe_staff | |
| Salvatore Bonaccorso | 2016-10-13 16:43:45 UTC | CC | carnil | |
| Slawomir Czarko | 2016-10-14 08:14:43 UTC | CC | slawomir | |
| Martin Prpič | 2017-03-20 09:46:03 UTC | Doc Text | It was found that when gcc stack protector is turned on, proc_keys_show() can cause a panic in the Linux kernel due to the stack corruption. This happens because xbuf[] is not big enough to hold a 64-bit timeout value rendered as weeks. | It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks. |
| Martin Prpič | 2017-03-20 11:46:27 UTC | Doc Text | It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks. | It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks. |
| Dominik Mierzejewski | 2017-07-28 11:05:29 UTC | CC | dominik.mierzejewski | |
| Joel Smith | 2017-07-31 22:33:48 UTC | CC | joelsmith | |
| PnT Account Manager | 2018-02-07 23:18:29 UTC | CC | agordeev | |
| PnT Account Manager | 2018-07-19 06:20:18 UTC | CC | mguzik | |
| PnT Account Manager | 2018-08-28 22:08:19 UTC | CC | lwang | |
| Eric Sammons | 2019-02-08 14:55:05 UTC | CC | esammons | |
| Product Security DevOps Team | 2019-06-08 02:58:19 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:58:19 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:55:15 UTC | Whiteboard | impact=moderate,public=20161013,reported=20160906,source=redhat,cvss2=4.9/AV:L/AC:L/Au:N/C:N/I:N/A:C,cvss3=5.5/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-121,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
Back to bug 1373966