Back to bug 1395126
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Andrej Nemec | 2016-11-15 08:50:27 UTC | Depends On | 1395128 | |
| Andrej Nemec | 2016-11-15 08:50:35 UTC | Depends On | 1395129 | |
| Andrej Nemec | 2016-11-15 08:52:52 UTC | Blocks | 1395130 | |
| Slawomir Czarko | 2016-11-16 09:08:38 UTC | CC | slawomir | |
| Dhiru Kholia | 2016-11-17 06:13:52 UTC | CC | dkholia | |
| Whiteboard | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cvss3=4.4/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=new,rhel-6/gstreamer=new,rhel-7/gstreamer=new,rhev-m-3/mingw-virt-viewer=new | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=new | ||
| Dhiru Kholia | 2016-11-17 06:57:48 UTC | Whiteboard | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=new | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=wontfix,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=new |
| Dhiru Kholia | 2016-11-17 07:00:07 UTC | Whiteboard | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=wontfix,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=new | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=wontfix,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix |
| Dhiru Kholia | 2016-11-17 08:56:33 UTC | Summary | gstreamer: Lack of ROM size checking when mapping into 6502 memory and bank switching | gstreamer-plugins-bad-free: Lack of ROM size checking when mapping into 6502 memory and bank switching |
| Dhiru Kholia | 2016-11-17 09:52:33 UTC | Whiteboard | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=wontfix,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=wontfix,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=wontfix,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix |
| Andrej Nemec | 2016-11-21 07:05:17 UTC | Alias | CVE-2016-9447 | |
| Andrej Nemec | 2016-11-21 07:05:34 UTC | Summary | gstreamer-plugins-bad-free: Lack of ROM size checking when mapping into 6502 memory and bank switching | CVE-2016-9447 gstreamer-plugins-bad-free: Lack of ROM size checking when mapping into 6502 memory and bank switching |
| Dhiru Kholia | 2016-12-01 09:26:56 UTC | Whiteboard | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=wontfix,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=wontfix,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix |
| Dhiru Kholia | 2016-12-02 06:36:30 UTC | Whiteboard | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=5.3/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix |
| Dhiru Kholia | 2016-12-02 06:39:37 UTC | Whiteboard | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected/impact=important,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix |
| Dhiru Kholia | 2016-12-02 07:47:24 UTC | Depends On | 1400820 | |
| Dhiru Kholia | 2016-12-02 07:47:35 UTC | Depends On | 1400821 | |
| Dhiru Kholia | 2016-12-02 08:15:33 UTC | Depends On | 1400838 | |
| Dhiru Kholia | 2016-12-02 08:15:44 UTC | Depends On | 1400839 | |
| Dhiru Kholia | 2016-12-02 09:31:51 UTC | Whiteboard | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected/impact=important,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected/impact=important,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix,fedora-all/gstreamer-plugins-bad-free=affected |
| Dhiru Kholia | 2016-12-02 09:33:02 UTC | Depends On | 1400908 | |
| Dhiru Kholia | 2016-12-05 10:13:10 UTC | Doc Text | A memory corruption flaw was found in the GStreamer's Nintendo NSF music file format decoding plugin. A remote attacker could use this flaw to cause an application using this plugin to crash or, potentially, execute arbitrary code with the privileges of the user running the application. | |
| Dhiru Kholia | 2016-12-05 10:14:33 UTC | Summary | CVE-2016-9447 gstreamer-plugins-bad-free: Lack of ROM size checking when mapping into 6502 memory and bank switching | CVE-2016-9447 gstreamer-plugins-bad-free: Memory corruption flaw in NSF decoder |
| Dhiru Kholia | 2016-12-21 08:48:35 UTC | Doc Text | A memory corruption flaw was found in the GStreamer's Nintendo NSF music file format decoding plugin. A remote attacker could use this flaw to cause an application using this plugin to crash or, potentially, execute arbitrary code with the privileges of the user running the application. | A memory corruption flaw was found in the GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using this plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the application. |
| Dhiru Kholia | 2016-12-21 08:56:54 UTC | Doc Text | A memory corruption flaw was found in the GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using this plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the application. | A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using this plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the application. |
| Tomas Hoger | 2016-12-21 10:25:28 UTC | Doc Text | A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using this plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the application. | A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. |
| Dhiru Kholia | 2017-07-27 14:26:44 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2017-07-27 10:26:44 UTC | |||
| Gil Klein | 2019-04-28 13:50:55 UTC | CC | gklein | |
| Product Security DevOps Team | 2019-09-29 13:59:56 UTC | Whiteboard | impact=moderate,public=20161114,reported=20161114,source=redhat,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-125,fedora-all/gstreamer=affected,fedora-all/mingw-gstreamer=affected,rhel-5/gstreamer=notaffected,rhel-6/gstreamer=notaffected,rhel-6/gstreamer-plugins-bad-free=affected/impact=important,rhel-7/gstreamer=notaffected,rhel-7/gstreamer1=notaffected,rhel-7/gstreamer-plugins-bad-free=affected,rhel-7/gstreamer1-plugins-bad-free=notaffected,rhev-m-3/mingw-virt-viewer=wontfix,fedora-all/gstreamer-plugins-bad-free=affected |
Back to bug 1395126