Changes made to bug 1377330

Back to bug 1377330

Who	When	What	Removed	Added
Andrej Nemec	2016-09-19 13:00:42 UTC	Depends On		1377331
Andrej Nemec	2016-09-19 13:02:43 UTC	Blocks		1377333
Slawomir Czarko	2016-09-20 08:04:41 UTC	CC		slawomir
Fedora Update System	2016-09-28 05:57:24 UTC	Status	NEW	ON_QA
Fedora Update System	2016-10-01 00:52:23 UTC	Status	ON_QA	CLOSED
		Resolution	---	ERRATA
		Last Closed		2016-09-30 20:52:23 UTC
Martin Prpič	2016-10-03 08:21:42 UTC	Status	CLOSED	NEW
		Resolution	ERRATA	---
		Keywords		Reopened
John Skeoch	2016-10-04 04:22:46 UTC	CC	pholasek
Vladis Dronov	2016-10-05 13:01:14 UTC	CC		vdronov
		Doc Text		A heap-buffer overflow vulnerability was found in the Linux kernel. This can potentially cause kernel heap corruption and arbitraty kernel code execution.
		Doc Type	If docs needed, set a value	Bug Fix
		Whiteboard	impact=moderate,public=20160915,reported=20160916,source=oss-security,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-122,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected	impact=moderate,public=20160915,reported=20160915,source=oss-security,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-122,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected
Vladis Dronov	2016-10-05 13:02:48 UTC	Whiteboard	impact=moderate,public=20160915,reported=20160915,source=oss-security,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-122,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected	impact=important,public=20160915,reported=20160915,source=oss-security,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-122,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected
Vladis Dronov	2016-10-05 13:03:07 UTC	Severity	medium	high
Vladis Dronov	2016-10-05 13:03:22 UTC	Priority	medium	high
Vladis Dronov	2016-10-05 13:10:15 UTC	Depends On		1381976
Vladis Dronov	2016-10-05 13:10:24 UTC	Depends On		1381977
Vladis Dronov	2016-10-05 13:10:34 UTC	Depends On		1381978
Vladis Dronov	2016-10-05 13:10:43 UTC	Depends On		1381979
Vladis Dronov	2016-10-05 13:10:52 UTC	Depends On		1381980
Vladis Dronov	2016-10-05 13:10:58 UTC	Depends On		1381982
Vladis Dronov	2016-10-05 13:11:05 UTC	Depends On		1381983
Vladis Dronov	2016-10-05 13:11:14 UTC	Depends On		1381984
Eric Christensen	2016-10-05 14:14:24 UTC	Doc Text	A heap-buffer overflow vulnerability was found in the Linux kernel. This can potentially cause kernel heap corruption and arbitraty kernel code execution.	A heap-buffer overflow vulnerability was found in the Linux kernel. This can potentially cause kernel heap corruption and arbitrary kernel code execution.
Vladis Dronov	2016-10-06 11:00:36 UTC	Whiteboard	impact=important,public=20160915,reported=20160915,source=oss-security,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-122,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected	impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-122,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected
Vladis Dronov	2016-10-06 11:00:57 UTC	Severity	high	low
Vladis Dronov	2016-10-06 11:01:16 UTC	Priority	high	low
Vladis Dronov	2016-10-06 14:58:27 UTC	Whiteboard	impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-122,rhel-5/kernel=wontfix,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected	impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-122,rhel-5/kernel=wontfix,rhel-6/kernel=wontfix,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=wontfix,fedora-all/kernel=affected
Vladis Dronov	2016-10-25 13:40:18 UTC	Status	NEW	CLOSED
		Resolution	---	WONTFIX
		Doc Text	A heap-buffer overflow vulnerability was found in the Linux kernel. This can potentially cause kernel heap corruption and arbitrary kernel code execution.	A heap-buffer overflow vulnerability was found in the arcmsr_iop_message_xfer() function in 'drivers/scsi/arcmsr/arcmsr_hba.c' file in the Linux kernel through 4.8.2. The function does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code. This can potentially cause kernel heap corruption and arbitrary kernel code execution.
		Last Closed	2016-09-30 20:52:23 UTC	2016-10-25 09:40:18 UTC
Product Security DevOps Team	2019-09-29 13:56:12 UTC	Whiteboard	impact=low,public=20160915,reported=20160915,source=oss-security,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L,cwe=CWE-122,rhel-5/kernel=wontfix,rhel-6/kernel=wontfix,rhel-7/kernel=wontfix,rhel-7/kernel-rt=wontfix,mrg-2/realtime-kernel=wontfix,rhelsa-7/arm-kernel=wontfix,fedora-all/kernel=affected

Back to bug 1377330