Back to bug 1374702
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Prasad Pandit | 2016-09-09 13:02:53 UTC | Blocks | 1348571 | |
| Prasad Pandit | 2016-09-09 13:03:55 UTC | Depends On | 1374709 | |
| Martin Prpič | 2016-09-09 14:52:18 UTC | Alias | CVE-2016-7170 | |
| Martin Prpič | 2016-09-09 14:52:38 UTC | Summary | Qemu: vmware_vga: OOB stack memory access when processing svga command | CVE-2016-7170 Qemu: vmware_vga: OOB stack memory access when processing svga command |
| Prasad Pandit | 2016-11-24 07:25:29 UTC | Doc Text | Quick Emulator(Qemu) built with the VMware-SVGA "chipset" emulation support is vulnerable to an OOB stack memory write issue. It could occur while processing VGA commands in 'vmsvga_fifo_run' routine. A privileged user inside guest could use this flaw to crash the Qemu process resulting in DoS. | |
| Whiteboard | impact=moderate,public=20160908,reported=20160621,source=researcher,cvss2=3.8/AV:A/AC:M/Au:S/C:N/I:P/A:P,cvss3=3.5/CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L,cwe=CWE-121,rhel-5/kvm=wontfix,rhel-5/xen=notaffected,rhel-6/qemu-kvm=wontfix,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,openstack-9/qemu-kvm-rhev=wontfix | impact=moderate,public=20160908,reported=20160621,source=researcher,cvss2=3.8/AV:A/AC:M/Au:S/C:N/I:P/A:P,cvss3=3.5/CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L,cwe=CWE-121,rhel-5/kvm=wontfix,rhel-5/xen=notaffected,rhel-6/qemu-kvm=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected | ||
| Prasad Pandit | 2016-11-24 07:30:36 UTC | Depends On | 1398112 | |
| Prasad Pandit | 2016-11-24 07:30:41 UTC | Depends On | 1398113 | |
| Prasad Pandit | 2016-11-24 07:30:56 UTC | Depends On | 1398114 | |
| Prasad Pandit | 2016-11-24 07:31:10 UTC | Depends On | 1398115 | |
| Prasad Pandit | 2016-11-24 07:31:24 UTC | Depends On | 1398117 | |
| Prasad Pandit | 2016-11-24 07:31:37 UTC | Depends On | 1398118 | |
| Prasad Pandit | 2016-11-24 07:31:51 UTC | Depends On | 1398119 | |
| Prasad Pandit | 2016-11-24 07:32:10 UTC | Depends On | 1398120 | |
| Prasad Pandit | 2016-11-24 07:32:28 UTC | Depends On | 1398121 | |
| Prasad Pandit | 2016-11-24 07:32:47 UTC | Depends On | 1398122 | |
| Prasad Pandit | 2016-11-24 07:33:05 UTC | Depends On | 1398123 | |
| Prasad Pandit | 2016-11-24 07:33:22 UTC | Depends On | 1398124 | |
| Prasad Pandit | 2016-11-24 07:42:30 UTC | Blocks | 1370384 | |
| Eric Christensen | 2016-11-28 14:56:58 UTC | Doc Text | Quick Emulator(Qemu) built with the VMware-SVGA "chipset" emulation support is vulnerable to an OOB stack memory write issue. It could occur while processing VGA commands in 'vmsvga_fifo_run' routine. A privileged user inside guest could use this flaw to crash the Qemu process resulting in DoS. | Quick Emulator (QEMU) built with the VMware-SVGA chipset emulation support is vulnerable to an OOB stack memory write issue. It could occur while processing VGA commands in 'vmsvga_fifo_run' routine. A privileged user inside guest could use this flaw to crash the QEMU process resulting in DoS. |
| Ademar Reis | 2016-12-07 23:05:00 UTC | CC | prasad | |
| Flags | needinfo?(prasad) | |||
| Prasad Pandit | 2016-12-08 04:36:58 UTC | Flags | needinfo?(prasad) | |
| Ademar Reis | 2016-12-08 14:01:37 UTC | Flags | needinfo?(prasad) | |
| Prasad Pandit | 2016-12-08 17:26:43 UTC | Flags | needinfo?(prasad) | |
| Ademar Reis | 2016-12-08 18:18:47 UTC | CC | armbru | |
| Flags | needinfo?(armbru) | |||
| Markus Armbruster | 2016-12-09 08:37:38 UTC | Flags | needinfo?(armbru) | |
| Prasad Pandit | 2016-12-09 09:00:57 UTC | Status | NEW | CLOSED |
| Resolution | --- | UPSTREAM | ||
| Whiteboard | impact=moderate,public=20160908,reported=20160621,source=researcher,cvss2=3.8/AV:A/AC:M/Au:S/C:N/I:P/A:P,cvss3=3.5/CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L,cwe=CWE-121,rhel-5/kvm=wontfix,rhel-5/xen=notaffected,rhel-6/qemu-kvm=affected,rhel-7/qemu-kvm=affected,rhel-7/qemu-kvm-rhev=affected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected | impact=moderate,public=20160908,reported=20160621,source=researcher,cvss2=3.8/AV:A/AC:M/Au:S/C:N/I:P/A:P,cvss3=3.5/CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L,cwe=CWE-121,rhel-5/kvm=wontfix,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=notaffected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=notaffected,openstack-6/qemu-kvm-rhev=notaffected,openstack-7/qemu-kvm-rhev=notaffected,openstack-8/qemu-kvm-rhev=notaffected,openstack-9/qemu-kvm-rhev=notaffected | ||
| Last Closed | 2016-12-09 04:00:57 UTC | |||
| Prasad Pandit | 2017-01-12 18:18:43 UTC | Blocks | 1329196 | |
| CC | amaris | |||
| Product Security DevOps Team | 2019-09-29 13:56:12 UTC | Whiteboard | impact=moderate,public=20160908,reported=20160621,source=researcher,cvss2=3.8/AV:A/AC:M/Au:S/C:N/I:P/A:P,cvss3=3.5/CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L,cwe=CWE-121,rhel-5/kvm=wontfix,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=notaffected,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=notaffected,openstack-6/qemu-kvm-rhev=notaffected,openstack-7/qemu-kvm-rhev=notaffected,openstack-8/qemu-kvm-rhev=notaffected,openstack-9/qemu-kvm-rhev=notaffected |
Back to bug 1374702