Bug 1353490 (CVE-2016-6156)
Summary: | CVE-2016-6156 kernel: Race condition vulnerability in Chrome driver | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | aquini, bhu, carnil, dhoward, fhrbata, gansalmon, iboverma, itamar, jforbes, jkacur, joelsmith, jonathan, jross, jwboyer, kernel-maint, kernel-mgr, kstutsma, lgoncalv, madhu.chinakonda, mchehab, mcressma, nmurray, rt-maint, rvrbovsk, slawomir, williams, wmealing |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
A timing flaw was found in the Chrome EC driver in the Linux kernel. An attacker could abuse timing to skip validation checks to copy additional data from userspace possibly increasing privilege or crashing the system.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2021-10-21 00:53:55 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1353491, 1362383, 1362384 | ||
Bug Blocks: | 1353492 |
Description
Andrej Nemec
2016-07-07 09:26:00 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1353491] kernel-4.6.4-201.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report. kernel-4.6.4-301.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report. Statement: This issue does not affect Red Hat Enterprise Linux products as they have not included this feature in any shipping products. |