Bug 1296567 (CVE-2016-2857)
| Summary: | CVE-2016-2857 Qemu: net: out of bounds read in net_checksum_calculate() | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Adam Mariš <amaris> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | abaron, alonbl, apevec, areis, ayoung, bmcclain, chayang, chrisw, cvsbot-xmlrpc, dallan, dblechte, gkotton, gmollett, jen, jjoyce, jschluet, juzhang, kbasil, knoel, lhh, lpeer, markmc, mburns, mgoldboi, michal.skrivanek, mkenneth, mrezanin, mst, pbonzini, ppandit, rbryant, sclewis, security-response-team, slong, srevivo, tdecacqu, virt-maint, ykaul |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function used the packet's payload length without checking against the data buffer's size. A user inside a guest could use this flaw to crash the QEMU process (denial of service).
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-06-08 02:47:17 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1309564, 1309565, 1398213, 1398214, 1398215, 1398216, 1398217, 1398218, 1398219, 1398220, 1398221, 1398222, 1398223, 1398224, 1398225, 1416151, 1419380, 1419381 | ||
| Bug Blocks: | 1296569, 1370384 | ||
|
Description
Adam Mariš
2016-01-07 15:05:54 UTC
Acknowledgments: Name: Ling Liu (Qihoo 360 Inc.) Statement: This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/. Created xen tracking bugs for this issue: Affects: fedora-all [bug 1309565] Created qemu tracking bugs for this issue: Affects: fedora-all [bug 1309564] xen-4.5.2-9.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report. xen-4.5.2-9.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report. qemu-2.4.1-8.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report. qemu-2.5.0-10.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report. qemu-2.3.1-13.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:0083 https://rhn.redhat.com/errata/RHSA-2017-0083.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2017:0309 https://rhn.redhat.com/errata/RHSA-2017-0309.html This issue has been addressed in the following products: Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 Via RHSA-2017:0334 https://rhn.redhat.com/errata/RHSA-2017-0334.html This issue has been addressed in the following products: RHEV 3.X Hypervisor and Agents for RHEL-6 Via RHSA-2017:0344 https://rhn.redhat.com/errata/RHSA-2017-0344.html This issue has been addressed in the following products: RHEV 3.X Hypervisor and Agents for RHEL-7 RHEV 4.X RHEV-H and Agents for RHEL-7 Via RHSA-2017:0350 https://rhn.redhat.com/errata/RHSA-2017-0350.html |