Back to bug 1375944
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-09-14 09:58:40 UTC | CC | security-response-team | |
| Adam Mariš | 2016-09-14 10:05:00 UTC | Depends On | 1374191 | |
| Adam Mariš | 2016-09-14 10:07:48 UTC | Blocks | 1375945 | |
| Petr Matousek | 2016-09-22 11:00:06 UTC | Whiteboard | impact=important,public=no,reported=20160908,source=redhat,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected | impact=important,public=no,reported=20160908,source=redhat,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Petr Matousek | 2016-09-22 11:00:36 UTC | Depends On | 1378405 | |
| Prasad Pandit | 2016-09-28 05:07:12 UTC | Depends On | 1379913 | |
| Prasad Pandit | 2016-09-28 05:07:24 UTC | Depends On | 1379914 | |
| Prasad Pandit | 2016-09-28 06:33:26 UTC | Depends On | 1379920 | |
| Prasad Pandit | 2016-09-30 04:38:17 UTC | Whiteboard | impact=important,public=no,reported=20160908,source=redhat,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=important,public=20161010,reported=20160908,source=redhat,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Prasad Pandit | 2016-09-30 09:56:37 UTC | CC | prasad | |
| Prasad Pandit | 2016-09-30 09:58:38 UTC | Doc Text | Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR Virtual eXtensible Local Area Network(CONFIG_VXLAN) with Transparent Ethernet Bridging(TEB) GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path; As an unlimited recursion could unfold in both VLAN and TEB modules, leading to a stack corruption in the kernel. | |
| Prasad Pandit | 2016-09-30 10:00:26 UTC | Whiteboard | impact=important,public=20161010,reported=20160908,source=redhat,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=important,public=20161010,reported=20160908,source=redhat,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-674,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| John Skeoch | 2016-10-04 04:22:46 UTC | CC | pholasek | |
| Clark Williams | 2016-10-06 17:16:15 UTC | CC | rkhan | |
| Rashid Khan | 2016-10-06 18:29:40 UTC | CC | fwestpha, hsowa, jbenc, mleitner, sdubroca, sukulkar | |
| Rafael Aquini | 2016-10-10 16:32:00 UTC | Group | redhat | |
| Rafael Aquini | 2016-10-10 16:34:36 UTC | Summary | EMBARGOED CVE-2016-7039 kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash | CVE-2016-7039 kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash |
| Rafael Aquini | 2016-10-10 16:49:16 UTC | Flags | needinfo?(security-response-team) | |
| Rafael Aquini | 2016-10-10 17:17:15 UTC | Group | redhat | |
| CC | gitbot-kernelmantain-xmlrpc | |||
| Prasad Pandit | 2016-10-10 17:44:06 UTC | Flags | needinfo?(security-response-team) | needinfo+ |
| Prasad Pandit | 2016-10-10 18:08:10 UTC | Group | security, qe_staff | |
| Prasad Pandit | 2016-10-10 18:08:27 UTC | Depends On | 1383476 | |
| Salvatore Bonaccorso | 2016-10-10 18:11:29 UTC | CC | carnil | |
| Yasuhiro Ozone | 2016-10-11 06:05:59 UTC | CC | yozone | |
| Prasad Pandit | 2016-10-21 08:58:51 UTC | Depends On | 1387549 | |
| Thomas Doczkal | 2016-10-26 07:47:57 UTC | CC | Thomas.Doczkal | |
| Eric Christensen | 2016-11-07 20:45:36 UTC | Doc Text | Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR Virtual eXtensible Local Area Network(CONFIG_VXLAN) with Transparent Ethernet Bridging(TEB) GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path; As an unlimited recursion could unfold in both VLAN and TEB modules, leading to a stack corruption in the kernel. | Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR Virtual eXtensible Local Area Network(CONFIG_VXLAN) with Transparent Ethernet Bridging(TEB) GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path, as an unlimited recursion could unfold in both VLAN and TEB modules, leading to a stack corruption in the kernel. |
| Yaakov Selkowitz | 2016-12-21 07:37:13 UTC | CC | yselkowi | |
| Flags | needinfo?(security-response-team) | |||
| Fabio Olive Leite | 2016-12-22 12:42:14 UTC | Flags | needinfo?(security-response-team) | needinfo?(prasad) |
| Fabio Olive Leite | 2016-12-22 12:42:54 UTC | Flags | needinfo+ | |
| Petr Matousek | 2016-12-22 12:57:48 UTC | CC | pmatouse | |
| Flags | needinfo?(prasad) | needinfo?(pmatouse) | ||
| Norman Sardella | 2016-12-22 14:19:38 UTC | CC | sardella | |
| Petr Matousek | 2017-02-15 18:30:23 UTC | Depends On | 1422645 | |
| Petr Matousek | 2017-02-15 18:31:55 UTC | Flags | needinfo?(pmatouse) | |
| Jon Masters | 2017-05-08 22:33:15 UTC | CC | jcm | |
| Petr Matousek | 2017-09-05 05:04:24 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-09-05 01:04:24 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:56:12 UTC | Whiteboard | impact=important,public=20161010,reported=20160908,source=redhat,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cvss3=7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-674,rhel-5/kernel=notaffected,rhel-6/kernel=notaffected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
Back to bug 1375944