Bug 1007157

Summary: VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite loop while transmit in C+ mode
Product: [Novell Products] SUSE Security Incidents Reporter: Johannes Segitz <jsegitz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: astieger, carnold, mikhail.kasimov, security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVSSv2:SUSE:CVE-2016-8910:3.5:(AV:N/AC:M/Au:S/C:N/I:N/A:P) CVSSv3.1:SUSE:CVE-2016-8910:3.0:(AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L) maint:released:oes11-sp2:63258 maint:released:sle10-sp3:63239 maint:running:63247:important
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Johannes Segitz 2016-10-27 06:04:24 UTC
+++ This bug was initially created as a clone of Bug #1006538 +++

Reference: http://seclists.org/oss-sec/2016/q4/223
===================================================
  Hello,

Quick Emulator(Qemu) built with the RTL8139 ethernet controller emulation support is vulnerable to an infinite loop issue. It could occur while transmitting packets in C+ mode of operation.


A privileged user inside guest could use this flaw to consume excessive CPU cycles on the host, resulting in DoS situation.


Upstream patch:
---------------
  -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html


Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
===================================================
Comment 1 Swamp Workflow Management 2016-10-27 22:00:12 UTC
bugbot adjusting priority
Comment 2 Swamp Workflow Management 2016-11-30 13:00:22 UTC
An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2016-12-07.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/63236
Comment 3 Charles Arnold 2016-11-30 16:28:00 UTC
Submissions:
============
SUSE:SLE-12-SP2:Update: 124867
SUSE:SLE-12-SP1:Update: 124868
SUSE:SLE-12:Update: 124869
SUSE:SLE-11-SP4:Update: 124870
SUSE:SLE-11-SP3:Update: 124871
SUSE:SLE-11-SP2:Update: 124872
SUSE:SLE-11-SP1:Update: 124873
SUSE:SLE-11-SP1:Update:Teradata: 124981
SUSE:SLE-10-SP4:Update:Test: 124874
SUSE:SLE-10-SP3:Update:Test: 124875
Comment 4 Swamp Workflow Management 2016-12-07 19:08:55 UTC
SUSE-SU-2016:3044-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1000893,1003030,1003032,1005004,1005005,1007157,1009100,1009103,1009107,1009109,1009111,1011652,990843
CVE References: CVE-2016-6351,CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8667,CVE-2016-8669,CVE-2016-8910,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE Linux Enterprise Server 11-SP2-LTSS (src):    xen-4.1.6_08-32.1
SUSE Linux Enterprise Debuginfo 11-SP2 (src):    xen-4.1.6_08-32.1
Comment 5 Swamp Workflow Management 2016-12-09 17:08:38 UTC
SUSE-SU-2016:3067-1: An update that fixes 17 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1003030,1003032,1004981,1005004,1005005,1007157,1007941,1009100,1009103,1009104,1009105,1009107,1009108,1009109,1009111,1011652
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8667,CVE-2016-8669,CVE-2016-8910,CVE-2016-9377,CVE-2016-9378,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9384,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    xen-4.7.1_02-25.1
SUSE Linux Enterprise Server 12-SP2 (src):    xen-4.7.1_02-25.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    xen-4.7.1_02-25.1
Comment 6 Swamp Workflow Management 2016-12-12 12:09:19 UTC
SUSE-SU-2016:3083-1: An update that fixes 19 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1003030,1003032,1003870,1004016,1005004,1005005,1007157,1007160,1009100,1009103,1009104,1009107,1009108,1009109,1009111,1011652
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-7995,CVE-2016-8576,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9377,CVE-2016-9378,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    xen-4.5.5_02-22.3.1
SUSE Linux Enterprise Server 12-SP1 (src):    xen-4.5.5_02-22.3.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    xen-4.5.5_02-22.3.1
Comment 7 Swamp Workflow Management 2016-12-14 00:19:59 UTC
openSUSE-SU-2016:3134-1: An update that fixes 17 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1003030,1003032,1004981,1005004,1005005,1007157,1007941,1009100,1009103,1009104,1009105,1009107,1009108,1009109,1009111,1011652
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8667,CVE-2016-8669,CVE-2016-8910,CVE-2016-9377,CVE-2016-9378,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9384,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637
Sources used:
openSUSE Leap 42.2 (src):    xen-4.7.1_02-3.1
Comment 8 Swamp Workflow Management 2016-12-14 17:09:04 UTC
SUSE-SU-2016:3156-1: An update that fixes 16 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1003030,1003032,1004016,1005004,1005005,1007157,1007160,1009100,1009103,1009104,1009107,1009109,1009111,1011652,953518
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8576,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE Linux Enterprise Server for SAP 12 (src):    xen-4.4.4_05-22.25.1
SUSE Linux Enterprise Server 12-LTSS (src):    xen-4.4.4_05-22.25.1
Comment 9 Swamp Workflow Management 2016-12-16 15:09:19 UTC
SUSE-SU-2016:3174-1: An update that fixes 16 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1000893,1003030,1003032,1004016,1005004,1005005,1007157,1007160,1009100,1009103,1009104,1009107,1009109,1009111,1011652
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8576,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    xen-4.4.4_10-43.5
SUSE Linux Enterprise Server 11-SP4 (src):    xen-4.4.4_10-43.5
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    xen-4.4.4_10-43.5
Comment 10 Marcus Meissner 2016-12-22 11:59:48 UTC
released
Comment 11 Swamp Workflow Management 2016-12-27 16:12:17 UTC
SUSE-SU-2016:3273-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1000893,1003030,1003032,1005004,1005005,1007157,1007160,1009100,1009103,1009107,1009109,1009111,1011652
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE OpenStack Cloud 5 (src):    xen-4.2.5_21-30.1
SUSE Manager Proxy 2.1 (src):    xen-4.2.5_21-30.1
SUSE Manager 2.1 (src):    xen-4.2.5_21-30.1
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    xen-4.2.5_21-30.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    xen-4.2.5_21-30.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    xen-4.2.5_21-30.1
Comment 12 Swamp Workflow Management 2017-01-02 12:09:44 UTC
openSUSE-SU-2017:0007-1: An update that fixes 24 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1002496,1003030,1003032,1003870,1004016,1005004,1005005,1007157,1007160,1009100,1009103,1009104,1009107,1009108,1009109,1009111,1011652,1012651,1013657,1013668,1014298,1016340
CVE References: CVE-2016-10013,CVE-2016-10024,CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-7995,CVE-2016-8576,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9101,CVE-2016-9377,CVE-2016-9378,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637,CVE-2016-9776,CVE-2016-9932
Sources used:
openSUSE Leap 42.1 (src):    xen-4.5.5_06-18.1
Comment 13 Swamp Workflow Management 2017-01-02 12:13:50 UTC
openSUSE-SU-2017:0008-1: An update that solves 19 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1000106,1000195,1002496,1003030,1003032,1004016,1005004,1005005,1007157,1007160,1009100,1009103,1009104,1009107,1009109,1009111,1011652,1012651,1014298,1016340,953518
CVE References: CVE-2016-10013,CVE-2016-10024,CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8576,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637,CVE-2016-9932
Sources used:
openSUSE 13.2 (src):    xen-4.4.4_06-58.1
Comment 14 Charles Arnold 2017-02-08 20:22:51 UTC
*** Bug 1024178 has been marked as a duplicate of this bug. ***