Bug 1007157 – VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite loop while transmit in C+ mode

Bug 1007157 - VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite loop while transmit in C+ mode


Summary:	VUL-0: CVE-2016-8910: xen: net: rtl8139: infinite loop while transmit in C+ mode

Status:	RESOLVED FIXED
Duplicates:	1024178 (view as bug list)

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	CVSSv2:SUSE:CVE-2016-8910:3.5:(AV:N/A...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2016-10-27 06:04 UTC by Johannes Segitz
Modified:	2022-09-23 08:02 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Johannes Segitz 2016-10-27 06:04:24 UTC

+++ This bug was initially created as a clone of Bug #1006538 +++

Reference: http://seclists.org/oss-sec/2016/q4/223
===================================================
  Hello,

Quick Emulator(Qemu) built with the RTL8139 ethernet controller emulation support is vulnerable to an infinite loop issue. It could occur while transmitting packets in C+ mode of operation.


A privileged user inside guest could use this flaw to consume excessive CPU cycles on the host, resulting in DoS situation.


Upstream patch:
---------------
  -> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg05495.html


Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
===================================================

Comment 1 Swamp Workflow Management 2016-10-27 22:00:12 UTC

bugbot adjusting priority

Comment 2 Swamp Workflow Management 2016-11-30 13:00:22 UTC

An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2016-12-07.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/63236

Comment 3 Charles Arnold 2016-11-30 16:28:00 UTC

Submissions:
============
SUSE:SLE-12-SP2:Update: 124867
SUSE:SLE-12-SP1:Update: 124868
SUSE:SLE-12:Update: 124869
SUSE:SLE-11-SP4:Update: 124870
SUSE:SLE-11-SP3:Update: 124871
SUSE:SLE-11-SP2:Update: 124872
SUSE:SLE-11-SP1:Update: 124873
SUSE:SLE-11-SP1:Update:Teradata: 124981
SUSE:SLE-10-SP4:Update:Test: 124874
SUSE:SLE-10-SP3:Update:Test: 124875

Comment 4 Swamp Workflow Management 2016-12-07 19:08:55 UTC

SUSE-SU-2016:3044-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1000893,1003030,1003032,1005004,1005005,1007157,1009100,1009103,1009107,1009109,1009111,1011652,990843
CVE References: CVE-2016-6351,CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8667,CVE-2016-8669,CVE-2016-8910,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE Linux Enterprise Server 11-SP2-LTSS (src):    xen-4.1.6_08-32.1
SUSE Linux Enterprise Debuginfo 11-SP2 (src):    xen-4.1.6_08-32.1

Comment 5 Swamp Workflow Management 2016-12-09 17:08:38 UTC

SUSE-SU-2016:3067-1: An update that fixes 17 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1003030,1003032,1004981,1005004,1005005,1007157,1007941,1009100,1009103,1009104,1009105,1009107,1009108,1009109,1009111,1011652
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8667,CVE-2016-8669,CVE-2016-8910,CVE-2016-9377,CVE-2016-9378,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9384,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    xen-4.7.1_02-25.1
SUSE Linux Enterprise Server 12-SP2 (src):    xen-4.7.1_02-25.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    xen-4.7.1_02-25.1

Comment 6 Swamp Workflow Management 2016-12-12 12:09:19 UTC

SUSE-SU-2016:3083-1: An update that fixes 19 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1003030,1003032,1003870,1004016,1005004,1005005,1007157,1007160,1009100,1009103,1009104,1009107,1009108,1009109,1009111,1011652
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-7995,CVE-2016-8576,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9377,CVE-2016-9378,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    xen-4.5.5_02-22.3.1
SUSE Linux Enterprise Server 12-SP1 (src):    xen-4.5.5_02-22.3.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    xen-4.5.5_02-22.3.1

Comment 7 Swamp Workflow Management 2016-12-14 00:19:59 UTC

openSUSE-SU-2016:3134-1: An update that fixes 17 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1003030,1003032,1004981,1005004,1005005,1007157,1007941,1009100,1009103,1009104,1009105,1009107,1009108,1009109,1009111,1011652
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8667,CVE-2016-8669,CVE-2016-8910,CVE-2016-9377,CVE-2016-9378,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9384,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637
Sources used:
openSUSE Leap 42.2 (src):    xen-4.7.1_02-3.1

Comment 8 Swamp Workflow Management 2016-12-14 17:09:04 UTC

SUSE-SU-2016:3156-1: An update that fixes 16 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1003030,1003032,1004016,1005004,1005005,1007157,1007160,1009100,1009103,1009104,1009107,1009109,1009111,1011652,953518
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8576,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE Linux Enterprise Server for SAP 12 (src):    xen-4.4.4_05-22.25.1
SUSE Linux Enterprise Server 12-LTSS (src):    xen-4.4.4_05-22.25.1

Comment 9 Swamp Workflow Management 2016-12-16 15:09:19 UTC

SUSE-SU-2016:3174-1: An update that fixes 16 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1000893,1003030,1003032,1004016,1005004,1005005,1007157,1007160,1009100,1009103,1009104,1009107,1009109,1009111,1011652
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8576,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    xen-4.4.4_10-43.5
SUSE Linux Enterprise Server 11-SP4 (src):    xen-4.4.4_10-43.5
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    xen-4.4.4_10-43.5

Comment 10 Marcus Meissner 2016-12-22 11:59:48 UTC

released

Comment 11 Swamp Workflow Management 2016-12-27 16:12:17 UTC

SUSE-SU-2016:3273-1: An update that fixes 14 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1000893,1003030,1003032,1005004,1005005,1007157,1007160,1009100,1009103,1009107,1009109,1009111,1011652
CVE References: CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9386,CVE-2016-9637
Sources used:
SUSE OpenStack Cloud 5 (src):    xen-4.2.5_21-30.1
SUSE Manager Proxy 2.1 (src):    xen-4.2.5_21-30.1
SUSE Manager 2.1 (src):    xen-4.2.5_21-30.1
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    xen-4.2.5_21-30.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    xen-4.2.5_21-30.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    xen-4.2.5_21-30.1

Comment 12 Swamp Workflow Management 2017-01-02 12:09:44 UTC

openSUSE-SU-2017:0007-1: An update that fixes 24 vulnerabilities is now available.

Category: security (important)
Bug References: 1000106,1002496,1003030,1003032,1003870,1004016,1005004,1005005,1007157,1007160,1009100,1009103,1009104,1009107,1009108,1009109,1009111,1011652,1012651,1013657,1013668,1014298,1016340
CVE References: CVE-2016-10013,CVE-2016-10024,CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-7995,CVE-2016-8576,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9101,CVE-2016-9377,CVE-2016-9378,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637,CVE-2016-9776,CVE-2016-9932
Sources used:
openSUSE Leap 42.1 (src):    xen-4.5.5_06-18.1

Comment 13 Swamp Workflow Management 2017-01-02 12:13:50 UTC

openSUSE-SU-2017:0008-1: An update that solves 19 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1000106,1000195,1002496,1003030,1003032,1004016,1005004,1005005,1007157,1007160,1009100,1009103,1009104,1009107,1009109,1009111,1011652,1012651,1014298,1016340,953518
CVE References: CVE-2016-10013,CVE-2016-10024,CVE-2016-7777,CVE-2016-7908,CVE-2016-7909,CVE-2016-8576,CVE-2016-8667,CVE-2016-8669,CVE-2016-8909,CVE-2016-8910,CVE-2016-9379,CVE-2016-9380,CVE-2016-9381,CVE-2016-9382,CVE-2016-9383,CVE-2016-9385,CVE-2016-9386,CVE-2016-9637,CVE-2016-9932
Sources used:
openSUSE 13.2 (src):    xen-4.4.4_06-58.1

Comment 14 Charles Arnold 2017-02-08 20:22:51 UTC

*** Bug 1024178 has been marked as a duplicate of this bug. ***