Back to bug 1397930

Who When What Removed Added
Adam Mariš 2016-11-23 15:27:23 UTC Depends On 1397931
Adam Mariš 2016-11-23 15:31:27 UTC Blocks 1397933
Adam Mariš 2016-11-23 15:32:06 UTC Summary CVE-2016-9555 kernel: Slab out-of-bounds in sctp_sf_ootb() CVE-2016-9555 kernel: Slab out-of-bounds access in sctp_sf_ootb()
Slawomir Czarko 2016-11-24 16:36:56 UTC CC slawomir
Wade Mealing 2016-11-29 01:26:40 UTC CC wmealing
Wade Mealing 2016-11-29 02:25:49 UTC Whiteboard impact=important,public=20161025,reported=20161122,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:N/C:C/I:N/A:C,cvss3=7.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H,cwe=CWE-125,rhel-5/kernel=new,rhel-6/kernel=new,rhel-7/kernel=new,rhel-7/kernel-rt=new,mrg-2/realtime-kernel=new,rhelsa-7/arm-kernel=new,fedora-all/kernel=affected impact=important,public=20161025,reported=20161122,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:N/C:C/I:N/A:C,cvss3=7.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H,cwe=CWE-125,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected
Wade Mealing 2016-11-29 05:37:49 UTC Whiteboard impact=important,public=20161025,reported=20161122,source=oss-security,cvss2=7.1/AV:N/AC:H/Au:N/C:C/I:N/A:C,cvss3=7.4/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H,cwe=CWE-125,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected impact=important,public=20161025,reported=20161122,source=oss-security,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-125,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected
Wade Mealing 2016-11-29 06:06:33 UTC Doc Text A flaw was found in the Linux kernels implementation of sctp protocol in which a remote attacker can trigger an out of bounds read with an offset of up to 64kB. This may panic the machine with a page-fault.
Wade Mealing 2016-11-29 06:07:31 UTC Whiteboard impact=important,public=20161025,reported=20161122,source=oss-security,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-125,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected impact=moderate,public=20161025,reported=20161122,source=oss-security,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-125,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected
Wade Mealing 2016-11-29 06:08:01 UTC Depends On 1399455
Wade Mealing 2016-11-29 06:08:13 UTC Depends On 1399456
Wade Mealing 2016-11-29 06:08:23 UTC Depends On 1399457
Wade Mealing 2016-11-29 06:08:31 UTC Depends On 1399458
Wade Mealing 2016-11-29 06:08:44 UTC Depends On 1399459
Wade Mealing 2016-11-29 06:08:56 UTC Depends On 1399460
Wade Mealing 2016-11-29 06:09:05 UTC Depends On 1399461
Wade Mealing 2016-11-29 06:09:11 UTC Depends On 1399462
Wade Mealing 2016-11-29 06:09:22 UTC Depends On 1399463
Martin Prpič 2016-11-30 07:45:30 UTC Priority high medium
Severity high medium
Vladis Dronov 2016-12-06 15:18:37 UTC Comment 3 is private 1 0
CC vdronov
Yasuhiro Ozone 2016-12-08 07:32:32 UTC CC yozone
Ash Westbrook 2016-12-08 16:39:53 UTC CC awestbro
Flags needinfo?
Prasad Pandit 2016-12-13 14:56:13 UTC CC prasad
Flags needinfo?
Karl Abbott 2017-01-06 18:23:19 UTC CC kabbott
Eric Christensen 2017-01-16 14:51:51 UTC Doc Text A flaw was found in the Linux kernels implementation of sctp protocol in which a remote attacker can trigger an out of bounds read with an offset of up to 64kB. This may panic the machine with a page-fault. A flaw was found in the Linux kernel's implementation of sctp protocol in which a remote attacker can trigger an out of bounds read with an offset of up to 64kB. This may panic the machine with a page-fault.
Eric Christensen 2017-01-16 15:00:52 UTC Doc Text A flaw was found in the Linux kernel's implementation of sctp protocol in which a remote attacker can trigger an out of bounds read with an offset of up to 64kB. This may panic the machine with a page-fault. A flaw was found in the Linux kernel's implementation of sctp protocol in which a remote attacker can trigger an out of bounds read with an offset of up to 64kB. This may panic the machine with a page-fault.
Martin Prpič 2017-01-17 10:11:46 UTC Doc Text A flaw was found in the Linux kernel's implementation of sctp protocol in which a remote attacker can trigger an out of bounds read with an offset of up to 64kB. This may panic the machine with a page-fault. A flaw was found in the Linux kernel's implementation of the SCTP protocol. A remote attacker could trigger an out-of-bounds read with an offset of up to 64kB potentially causing the system to crash.
PnT Account Manager 2018-02-07 23:20:58 UTC CC agordeev
PnT Account Manager 2018-07-19 06:22:16 UTC CC mguzik
PnT Account Manager 2018-08-28 22:10:06 UTC CC lwang
Eric Sammons 2019-02-08 14:59:31 UTC CC esammons
PnT Account Manager 2019-02-28 22:31:09 UTC CC jkastner
Product Security DevOps Team 2019-06-08 03:02:38 UTC Status NEW CLOSED
Resolution --- ERRATA
Last Closed 2019-06-08 03:02:38 UTC
Product Security DevOps Team 2019-09-29 14:00:54 UTC Whiteboard impact=moderate,public=20161025,reported=20161122,source=oss-security,cvss2=7.1/AV:N/AC:M/Au:N/C:N/I:N/A:C,cvss3=5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,cwe=CWE-125,rhel-5/kernel=affected,rhel-6/kernel=affected,rhel-7/kernel=affected,rhel-7/kernel-rt=affected,mrg-2/realtime-kernel=affected,rhelsa-7/arm-kernel=affected,fedora-all/kernel=affected

Back to bug 1397930