Back to bug 1376776
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Prasad Pandit | 2016-09-16 11:38:05 UTC | Blocks | 1365400 | |
| Prasad Pandit | 2016-09-16 11:38:24 UTC | Depends On | 1376777 | |
| Prasad Pandit | 2016-09-19 08:28:04 UTC | Alias | CVE-2016-7423 | |
| Prasad Pandit | 2016-09-19 08:28:21 UTC | Summary | Qemu: scsi: mptsas: OOB access when freeing MPTSASRequest object | CVE-2016-7423 Qemu: scsi: mptsas: OOB access when freeing MPTSASRequest object |
| Summer Long | 2016-09-21 03:07:41 UTC | Whiteboard | impact=moderate,public=20160915,reported=20160809,source=researcher,cvss2=3.8/AV:A/AC:M/Au:S/C:N/I:P/A:P,cvss3=4.4/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L,cwe=CWE-787,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,openstack-9/qemu-kvm-rhev=wontfix | impact=moderate,public=20160915,reported=20160809,source=researcher,cvss2=3.8/AV:A/AC:M/Au:S/C:N/I:P/A:P,cvss3=4.4/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L,cwe=CWE-787,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=notaffected,openstack-6/qemu-kvm-rhev=notaffected,openstack-7/qemu-kvm-rhev=notaffected,openstack-8/qemu-kvm-rhev=notaffected,openstack-9/qemu-kvm-rhev=notaffected |
| Summer Long | 2016-09-21 03:08:44 UTC | Whiteboard | impact=moderate,public=20160915,reported=20160809,source=researcher,cvss2=3.8/AV:A/AC:M/Au:S/C:N/I:P/A:P,cvss3=4.4/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L,cwe=CWE-787,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=notaffected,openstack-6/qemu-kvm-rhev=notaffected,openstack-7/qemu-kvm-rhev=notaffected,openstack-8/qemu-kvm-rhev=notaffected,openstack-9/qemu-kvm-rhev=notaffected | impact=moderate,public=20160915,reported=20160809,source=researcher,cvss2=3.8/AV:A/AC:M/Au:S/C:N/I:P/A:P,cvss3=4.4/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L,cwe=CWE-787,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=notaffected,openstack-6/qemu-kvm-rhev=notaffected,openstack-7/qemu-kvm-rhev=notaffected,openstack-8/qemu-kvm-rhev=notaffected,openstack-9/qemu-kvm-rhev=notaffected,openstack-10/qemu-kvm-rhev=notaffected |
| Summer Long | 2016-09-21 03:23:23 UTC | CC | slong | |
| Doc Text | A flaw was found in the Quick Emulator(QEMU) built with LSI SAS1068 Host Bus emulation support, where it is vulnerable to an invalid memory-access issue. The flaw could occur while processing SCSI IO requests in the mptsas_process_scsi_io_request routine. A privileged user inside the guest could use this flaw to crash the QEMU-process instance on the host (denial of service). | |||
| PnT Account Manager | 2018-01-31 00:03:10 UTC | CC | aortega | |
| PnT Account Manager | 2018-07-18 15:01:27 UTC | CC | rbalakri | |
| Product Security DevOps Team | 2019-06-08 02:58:46 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2019-06-08 02:58:46 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:56:12 UTC | Whiteboard | impact=moderate,public=20160915,reported=20160809,source=researcher,cvss2=3.8/AV:A/AC:M/Au:S/C:N/I:P/A:P,cvss3=4.4/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L,cwe=CWE-787,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=wontfix,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=notaffected,openstack-6/qemu-kvm-rhev=notaffected,openstack-7/qemu-kvm-rhev=notaffected,openstack-8/qemu-kvm-rhev=notaffected,openstack-9/qemu-kvm-rhev=notaffected,openstack-10/qemu-kvm-rhev=notaffected |
Back to bug 1376776