Back to bug 1377837
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Prasad Pandit | 2016-09-20 18:18:08 UTC | Blocks | 1377819 | |
| Prasad Pandit | 2016-09-20 18:18:32 UTC | Depends On | 1377838 | |
| Prasad Pandit | 2016-09-21 03:49:20 UTC | Alias | CVE-2016-7466 | |
| Prasad Pandit | 2016-09-21 03:49:42 UTC | Summary | Qemu: usb: xhci memory leakage during device unplug | CVE-2016-7466 Qemu: usb: xhci memory leakage during device unplug |
| Summer Long | 2016-09-23 00:49:17 UTC | Whiteboard | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,openstack-9/qemu-kvm-rhev=wontfix | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected |
| Summer Long | 2016-09-23 00:56:14 UTC | Whiteboard | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected |
| Summer Long | 2016-09-23 00:58:44 UTC | Whiteboard | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5-rhel6/qemu-kvm-rhev=wontfix,openstack-5-rhel7/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected |
| Summer Long | 2016-09-23 01:00:40 UTC | Whiteboard | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5-rhel6/qemu-kvm-rhev=wontfix,openstack-5-rhel7/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected |
| Summer Long | 2016-09-23 01:03:28 UTC | Depends On | 1378649 | |
| Summer Long | 2016-09-23 01:03:44 UTC | Depends On | 1378650 | |
| Summer Long | 2016-09-23 01:04:00 UTC | Depends On | 1378651 | |
| Summer Long | 2016-09-23 01:04:15 UTC | Depends On | 1378652 | |
| Summer Long | 2016-09-23 01:04:31 UTC | Depends On | 1378653 | |
| Summer Long | 2016-09-23 01:04:45 UTC | Depends On | 1378654 | |
| Summer Long | 2016-09-27 05:09:54 UTC | CC | slong | |
| Doc Text | A memory-leak flaw was found in the Quick Emulator(QEMU) built with USB xHCI controller emulation support. The flaw could occur while doing a USB-device unplug operation. Unplugging the device repeatedly resulted in leaking host memory, affecting other services on the host. A privileged user inside the guest could exploit this flaw to cause a denial of service on the host or potentially crash the host's QEMU process instance. | |||
| Summer Long | 2016-10-05 03:29:40 UTC | Whiteboard | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=affected,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,openstack-9/qemu-kvm-rhev=wontfix,openstack-10/qemu-kvm-rhev=wontfix |
| Summer Long | 2016-10-05 03:40:41 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2016-10-04 23:40:41 UTC | |||
| Garth Mollett | 2017-07-27 08:50:01 UTC | Status | CLOSED | NEW |
| Resolution | WONTFIX | --- | ||
| Keywords | Reopened | |||
| Garth Mollett | 2017-07-27 08:50:49 UTC | CC | gmollett | |
| Garth Mollett | 2017-07-27 08:52:36 UTC | CC | jjoyce | |
| Whiteboard | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=wontfix,openstack-7/qemu-kvm-rhev=wontfix,openstack-8/qemu-kvm-rhev=wontfix,openstack-9/qemu-kvm-rhev=wontfix,openstack-10/qemu-kvm-rhev=wontfix | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,openstack-12/qemu-kvm-rhev=notaffected | ||
| Garth Mollett | 2017-07-27 08:58:47 UTC | Depends On | 1475739 | |
| Adam Young | 2017-07-29 21:50:35 UTC | CC | ayoung | |
| Summer Long | 2017-08-01 00:14:40 UTC | Doc Text | A memory-leak flaw was found in the Quick Emulator(QEMU) built with USB xHCI controller emulation support. The flaw could occur while doing a USB-device unplug operation. Unplugging the device repeatedly resulted in leaking host memory, affecting other services on the host. A privileged user inside the guest could exploit this flaw to cause a denial of service on the host or potentially crash the host's QEMU process instance. | A memory-leak flaw was found in the Quick Emulator(QEMU) built with USB xHCI controller emulation support. The flaw could occur while doing a USB-device unplug operation. Unplugging the device repeatedly resulted in leaking host memory, which affected other services on the host. A privileged user inside the guest could exploit this flaw to cause a denial of service on the host or potentially crash the host's QEMU process instance. |
| PnT Account Manager | 2018-01-31 00:03:19 UTC | CC | aortega | |
| PnT Account Manager | 2018-07-18 15:01:48 UTC | CC | rbalakri | |
| Stephen Herr | 2018-08-17 01:29:38 UTC | Whiteboard | impact=low,public=10160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,openstack-12/qemu-kvm-rhev=notaffected | impact=low,public=20160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,openstack-12/qemu-kvm-rhev=notaffected |
| Product Security DevOps Team | 2019-06-08 02:58:59 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-10-05 03:40:41 UTC | 2019-06-08 02:58:59 UTC | ||
| Product Security DevOps Team | 2019-09-29 13:57:05 UTC | Whiteboard | impact=low,public=20160913,reported=20160914,source=researcher,cvss2=2.3/AV:A/AC:M/Au:S/C:N/I:N/A:P,cvss3=3.0/CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L,cwe=CWE-119,rhel-5/kvm=notaffected,rhel-5/xen=notaffected,rhel-6/qemu-kvm=notaffected,rhel-7/qemu-kvm=notaffected,rhel-7/qemu-kvm-rhev=wontfix,fedora-all/qemu=affected,fedora-all/xen=notaffected,openstack-5-rhel6/qemu-kvm-rhev=notaffected,openstack-5-rhel7/qemu-kvm-rhev=wontfix,openstack-6/qemu-kvm-rhev=affected,openstack-7/qemu-kvm-rhev=affected,openstack-8/qemu-kvm-rhev=affected,openstack-9/qemu-kvm-rhev=affected,openstack-10/qemu-kvm-rhev=affected,openstack-11/qemu-kvm-rhev=affected,openstack-12/qemu-kvm-rhev=notaffected |
Back to bug 1377837