Back to bug 1391490
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-11-03 12:30:35 UTC | CC | security-response-team | |
| Adam Mariš | 2016-11-03 12:35:06 UTC | Blocks | 1391492 | |
| Adam Mariš | 2016-11-07 06:51:56 UTC | Whiteboard | impact=moderate,public=no,reported=20161102,source=researcher,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=6.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-787,rhel-5/kernel=notaffected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=moderate,public=20161106,reported=20161102,source=researcher,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=6.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-787,rhel-5/kernel=notaffected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Adam Mariš | 2016-11-07 06:52:16 UTC | Summary | EMBARGOED CVE-2016-8633 kernel: Buffer overflow in firewire driver via crafted incoming packets | CVE-2016-8633 kernel: Buffer overflow in firewire driver via crafted incoming packets |
| Adam Mariš | 2016-11-07 06:52:26 UTC | Group | security, qe_staff | |
| Adam Mariš | 2016-11-07 06:52:41 UTC | Depends On | 1392294 | |
| Yasuhiro Ozone | 2016-11-07 08:54:37 UTC | CC | yozone | |
| Vladis Dronov | 2016-11-09 11:20:47 UTC | Whiteboard | impact=moderate,public=20161106,reported=20161102,source=researcher,cvss2=4.4/AV:L/AC:M/Au:N/C:P/I:P/A:P,cvss3=6.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-787,rhel-5/kernel=notaffected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=moderate,public=20161106,reported=20161102,source=researcher,cvss2=5.9/AV:L/AC:M/Au:N/C:P/I:P/A:C,cvss3=6.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-787,rhel-5/kernel=notaffected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Vladis Dronov | 2016-11-10 10:33:59 UTC | CC | vdronov | |
| Vladis Dronov | 2016-11-10 10:36:27 UTC | Doc Text | A buffer overflow vulnerability due to a lack of input filtering of incoming fragmented datagrams was found in the IP-over-1394 driver [firewire-net] in a fragment handling code in the Linux kernel. The vulnerability exists since firewire supported IPv4, i.e. since version 2.6.31 (year 2009) till version v4.9-rc4. A maliciously formed fragment with a respectively large datagram offset would cause a memcpy() past the datagram buffer, which would cause a system panic or possible arbitrary code execution. The flaw requires [firewire-net] module to be loaded and is remotely exploitable from connected firewire devices, but not over a local network. | |
| Doc Type | If docs needed, set a value | Bug Fix | ||
| Vladis Dronov | 2016-11-10 10:50:26 UTC | Depends On | 1393791 | |
| Vladis Dronov | 2016-11-10 10:50:35 UTC | Depends On | 1393792 | |
| Vladis Dronov | 2016-11-10 10:50:45 UTC | Depends On | 1393793 | |
| Vladis Dronov | 2016-11-10 10:50:52 UTC | Depends On | 1393794 | |
| Vladis Dronov | 2016-11-10 10:57:16 UTC | Depends On | 1393797 | |
| Vladis Dronov | 2016-11-15 15:08:00 UTC | Whiteboard | impact=moderate,public=20161106,reported=20161102,source=researcher,cvss2=5.9/AV:L/AC:M/Au:N/C:P/I:P/A:C,cvss3=6.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-787,rhel-5/kernel=notaffected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=important,public=20161106,reported=20161102,source=researcher,cvss2=5.9/AV:L/AC:M/Au:N/C:P/I:P/A:C,cvss3=6.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-787,rhel-5/kernel=notaffected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| Vladis Dronov | 2016-11-15 15:08:13 UTC | Severity | medium | high |
| Vladis Dronov | 2016-11-15 15:08:27 UTC | Priority | medium | high |
| Salvatore Bonaccorso | 2016-11-15 18:51:05 UTC | CC | carnil | |
| PnT Account Manager | 2018-02-07 23:19:54 UTC | CC | agordeev | |
| errata-xmlrpc | 2018-04-10 08:04:12 UTC | Link ID | Red Hat Product Errata RHSA-2018:0676 | |
| errata-xmlrpc | 2018-04-10 09:27:49 UTC | Link ID | Red Hat Product Errata RHSA-2018:1062 | |
| Adam Mariš | 2018-05-21 08:59:59 UTC | Whiteboard | impact=important,public=20161106,reported=20161102,source=researcher,cvss2=5.9/AV:L/AC:M/Au:N/C:P/I:P/A:C,cvss3=6.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-787,rhel-5/kernel=notaffected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected | impact=important,public=20161106,reported=20161102,source=researcher,cvss2=5.9/AV:L/AC:M/Au:N/C:P/I:P/A:C,cvss3=6.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-787,rhel-5/kernel=notaffected,rhel-6/kernel=wontfix,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
| PnT Account Manager | 2018-07-19 06:21:29 UTC | CC | mguzik | |
| PnT Account Manager | 2018-08-28 22:09:18 UTC | CC | lwang | |
| Eric Sammons | 2019-02-08 14:54:54 UTC | CC | esammons | |
| Marc Milgram | 2019-04-02 15:03:58 UTC | CC | mmilgram | |
| Pedro Sampaio | 2019-04-03 18:58:30 UTC | Depends On | 1695819 | |
| errata-xmlrpc | 2019-05-14 19:08:12 UTC | Link ID | Red Hat Product Errata RHSA-2019:1170 | |
| errata-xmlrpc | 2019-05-14 20:26:31 UTC | Link ID | Red Hat Product Errata RHSA-2019:1190 | |
| Product Security DevOps Team | 2019-06-08 03:01:48 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 03:01:48 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:59:56 UTC | Whiteboard | impact=important,public=20161106,reported=20161102,source=researcher,cvss2=5.9/AV:L/AC:M/Au:N/C:P/I:P/A:C,cvss3=6.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,cwe=CWE-787,rhel-5/kernel=notaffected,rhel-6/kernel=wontfix,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected |
Back to bug 1391490