rhsa-2016_0379
Vulnerability from csaf_redhat
Published
2016-03-09 14:10
Modified
2024-11-14 19:01
Summary
Red Hat Security Advisory: rhev-hypervisor security, bug fix and enhancement update
Notes
Topic
An updated rhev-hypervisor package that fixes several security issues,
bugs, and enhancements is now available.
Red Hat Product Security has rated this update as having Important
security impact. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available from the
CVE link in the References section.
Details
The rhev-hypervisor package provides a Red Hat Enterprise
Virtualization Hypervisor ISO disk image. The Red Hat Enterprise
Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine
(KVM) hypervisor. It includes everything necessary to run and manage
virtual machines: a subset of the Red Hat Enterprise Linux operating
environment and the Red Hat Enterprise Virtualization Agent.
Note: Red Hat Enterprise Virtualization Hypervisor is only available
for the Intel 64 and AMD64 architectures with virtualization
extensions.
A padding oracle flaw was found in the Secure Sockets Layer version
2.0 (SSLv2) protocol. An attacker could potentially use this flaw to
decrypt RSA-encrypted cipher text from a connection using a newer
SSL/TLS protocol version, allowing them to decrypt such connections.
This cross-protocol attack is publicly referred to as DROWN.
(CVE-2016-0800)
Note: This issue was addressed by disabling the SSLv2 protocol by
default when using the 'SSLv23' connection methods, and removing
support for weak SSLv2 cipher suites. For more information, refer to
the knowledge base article linked in the References section.
A flaw was found in the way malicious SSLv2 clients could negotiate
SSLv2 ciphers that have been disabled on the server. This could
result in weak SSLv2 ciphers being used for SSLv2 connections,
making them vulnerable to man-in-the-middle attacks. (CVE-2015-3197)
A side-channel attack was found that makes use of cache-bank
conflicts on the Intel Sandy-Bridge microarchitecture. An attacker
who has the ability to control code in a thread running on the same
hyper-threaded core as the victim's thread that is performing
decryption, could use this flaw to recover RSA private keys.
(CVE-2016-0702)
A double-free flaw was found in the way OpenSSL parsed certain
malformed DSA (Digital Signature Algorithm) private keys. An
attacker could create specially crafted DSA private keys that, when
processed by an application compiled against OpenSSL, could cause
the application to crash. (CVE-2016-0705)
An integer overflow flaw, leading to a NULL pointer dereference or a
heap-based memory corruption, was found in the way some BIGNUM
functions of OpenSSL were implemented. Applications that use these
functions with large untrusted input could crash or, potentially,
execute arbitrary code. (CVE-2016-0797)
Red Hat would like to thank the OpenSSL project for reporting these
issues. Upstream acknowledges Nimrod Aviram and Sebastian Schinzel
as the original reporters of CVE-2016-0800 and CVE-2015-3197; Yuval
Yarom (University of Adelaide and NICTA), Daniel Genkin (Technion
and Tel Aviv University), Nadia Heninger (University of Pennsylvania)
as the original reporters of CVE-2016-0702; Adam Langley (Google/
BoringSSL) as the original reporter of CVE-2016-0705; and Guido
Vranken as the original reporter of CVE-2016-0797.
All openssl users are advised to upgrade to this updated package,
which contain backported patches to correct these issues. For the
update to take effect, all services linked to the OpenSSL library
must be restarted, or the system rebooted.
Changes to the rhev-hypervisor component:
* Previously, a race between services during boot prevented network
configuration from upgrading correctly. The risk for the race has
now been reduced significantly to allow the upgrade of the network
configuration to complete correctly. (BZ#1194068)
* Previously, using the text user interface (TUI) to log in to the
administrator account of Red Hat Enterprise Virtualization
Hypervisor failed with a Python backtrace. This update makes the
"six" module correctly importable under all circumstances, which
ensures that logging in to Red Hat Enterprise Virtualization
Hypervisor using TUI proceeds as expected. (BZ#1246836)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated rhev-hypervisor package that fixes several security issues,\nbugs, and enhancements is now available.\n\nRed Hat Product Security has rated this update as having Important \nsecurity impact. A Common Vulnerability Scoring System (CVSS) base \nscore, which gives a detailed severity rating, is available from the \nCVE link in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The rhev-hypervisor package provides a Red Hat Enterprise \nVirtualization Hypervisor ISO disk image. The Red Hat Enterprise \nVirtualization Hypervisor is a dedicated Kernel-based Virtual Machine \n(KVM) hypervisor. It includes everything necessary to run and manage \nvirtual machines: a subset of the Red Hat Enterprise Linux operating \nenvironment and the Red Hat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available \nfor the Intel 64 and AMD64 architectures with virtualization \nextensions.\n\nA padding oracle flaw was found in the Secure Sockets Layer version \n2.0 (SSLv2) protocol. An attacker could potentially use this flaw to \ndecrypt RSA-encrypted cipher text from a connection using a newer \nSSL/TLS protocol version, allowing them to decrypt such connections. \nThis cross-protocol attack is publicly referred to as DROWN. \n(CVE-2016-0800)\n\nNote: This issue was addressed by disabling the SSLv2 protocol by \ndefault when using the \u0027SSLv23\u0027 connection methods, and removing \nsupport for weak SSLv2 cipher suites. For more information, refer to \nthe knowledge base article linked in the References section.\n\nA flaw was found in the way malicious SSLv2 clients could negotiate \nSSLv2 ciphers that have been disabled on the server. This could \nresult in weak SSLv2 ciphers being used for SSLv2 connections, \nmaking them vulnerable to man-in-the-middle attacks. (CVE-2015-3197)\n\nA side-channel attack was found that makes use of cache-bank \nconflicts on the Intel Sandy-Bridge microarchitecture. An attacker \nwho has the ability to control code in a thread running on the same \nhyper-threaded core as the victim\u0027s thread that is performing \ndecryption, could use this flaw to recover RSA private keys. \n(CVE-2016-0702)\n\nA double-free flaw was found in the way OpenSSL parsed certain \nmalformed DSA (Digital Signature Algorithm) private keys. An \nattacker could create specially crafted DSA private keys that, when \nprocessed by an application compiled against OpenSSL, could cause \nthe application to crash. (CVE-2016-0705)\n\nAn integer overflow flaw, leading to a NULL pointer dereference or a\nheap-based memory corruption, was found in the way some BIGNUM \nfunctions of OpenSSL were implemented. Applications that use these \nfunctions with large untrusted input could crash or, potentially, \nexecute arbitrary code. (CVE-2016-0797)\n\nRed Hat would like to thank the OpenSSL project for reporting these \nissues. Upstream acknowledges Nimrod Aviram and Sebastian Schinzel\nas the original reporters of CVE-2016-0800 and CVE-2015-3197; Yuval\nYarom (University of Adelaide and NICTA), Daniel Genkin (Technion\nand Tel Aviv University), Nadia Heninger (University of Pennsylvania)\nas the original reporters of CVE-2016-0702; Adam Langley (Google/\nBoringSSL) as the original reporter of CVE-2016-0705; and Guido\nVranken as the original reporter of CVE-2016-0797.\n\nAll openssl users are advised to upgrade to this updated package,\nwhich contain backported patches to correct these issues. For the \nupdate to take effect, all services linked to the OpenSSL library \nmust be restarted, or the system rebooted.\n\nChanges to the rhev-hypervisor component:\n\n* Previously, a race between services during boot prevented network \nconfiguration from upgrading correctly. The risk for the race has \nnow been reduced significantly to allow the upgrade of the network \nconfiguration to complete correctly. (BZ#1194068)\n\n* Previously, using the text user interface (TUI) to log in to the \nadministrator account of Red Hat Enterprise Virtualization \nHypervisor failed with a Python backtrace. This update makes the \n\"six\" module correctly importable under all circumstances, which \nensures that logging in to Red Hat Enterprise Virtualization \nHypervisor using TUI proceeds as expected. (BZ#1246836)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:0379",
"url": "https://access.redhat.com/errata/RHSA-2016:0379"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1194068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1194068"
},
{
"category": "external",
"summary": "1236508",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1236508"
},
{
"category": "external",
"summary": "1283498",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283498"
},
{
"category": "external",
"summary": "1301846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301846"
},
{
"category": "external",
"summary": "1302248",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1302248"
},
{
"category": "external",
"summary": "1310593",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310593"
},
{
"category": "external",
"summary": "1310596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310596"
},
{
"category": "external",
"summary": "1310599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310599"
},
{
"category": "external",
"summary": "1311880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311880"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0379.json"
}
],
"title": "Red Hat Security Advisory: rhev-hypervisor security, bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-14T19:01:31+00:00",
"generator": {
"date": "2024-11-14T19:01:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2016:0379",
"initial_release_date": "2016-03-09T14:10:28+00:00",
"revision_history": [
{
"date": "2016-03-09T14:10:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-03-09T14:10:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T19:01:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHEV Hypervisor for RHEL-6",
"product": {
"name": "RHEV Hypervisor for RHEL-6",
"product_id": "6Server-RHEV-Hypervisor",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::hypervisor"
}
}
},
{
"category": "product_name",
"name": "RHEL 7-based RHEV-H",
"product": {
"name": "RHEL 7-based RHEV-H",
"product_id": "7Server-RHEV-Hypervisor-7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"product": {
"name": "rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"product_id": "rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhev-hypervisor7@7.2-20160302.1.el6ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"product": {
"name": "rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"product_id": "rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhev-hypervisor7@7.2-20160302.1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"product": {
"name": "rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"product_id": "rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhev-hypervisor7@7.2-20160302.1.el6ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "rhev-hypervisor7-0:7.2-20160302.1.el7ev.src",
"product": {
"name": "rhev-hypervisor7-0:7.2-20160302.1.el7ev.src",
"product_id": "rhev-hypervisor7-0:7.2-20160302.1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhev-hypervisor7@7.2-20160302.1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch as a component of RHEV Hypervisor for RHEL-6",
"product_id": "6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch"
},
"product_reference": "rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"relates_to_product_reference": "6Server-RHEV-Hypervisor"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhev-hypervisor7-0:7.2-20160302.1.el6ev.src as a component of RHEV Hypervisor for RHEL-6",
"product_id": "6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src"
},
"product_reference": "rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"relates_to_product_reference": "6Server-RHEV-Hypervisor"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch as a component of RHEL 7-based RHEV-H",
"product_id": "7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch"
},
"product_reference": "rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-Hypervisor-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhev-hypervisor7-0:7.2-20160302.1.el7ev.src as a component of RHEL 7-based RHEV-H",
"product_id": "7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
},
"product_reference": "rhev-hypervisor7-0:7.2-20160302.1.el7ev.src",
"relates_to_product_reference": "7Server-RHEV-Hypervisor-7"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
},
{
"names": [
"Nimrod Aviram",
"Sebastian Schinzel"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2015-3197",
"discovery_date": "2016-01-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1301846"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2 ciphers that were disabled on the server. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenSSL: SSLv2 doesn\u0027t block disabled ciphers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This security flaw can only be exploited when a malicious client negotiates SSLv2 ciphers and completes a SSLv2 handshake. This flaw cannot be actively exploited by a Man-In-The-Middle attacker. \n\nAll versions of OpenSSL shipped with Red Hat Enterprise Linux enable SSLv2 protocol, but disable SSLv2 ciphers by default (in Red Hat Enterprise Linux 6 and later), therefore are vulnerable to this flaw. Red Hat Product Security has rated this issue as having Low security impact, a future update may address this flaw.\n\nSSLv2 suffers from a number of security flaws allowing attackers to capture and alter information passed between a client and the server. Therefore we strongly recommend that SSLv2 should be disabled on all the SSL/TLS servers.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2015-3197"
},
{
"category": "external",
"summary": "RHBZ#1301846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301846"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2015-3197",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3197"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-3197",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3197"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160128.txt",
"url": "https://www.openssl.org/news/secadv/20160128.txt"
}
],
"release_date": "2016-01-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-03-09T14:10:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0379"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenSSL: SSLv2 doesn\u0027t block disabled ciphers"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
},
{
"names": [
"Daniel Genkin"
],
"organization": "Technion and Tel Aviv University",
"summary": "Acknowledged by upstream."
},
{
"names": [
"Nadia Heninger"
],
"organization": "University of Pennsylvania",
"summary": "Acknowledged by upstream."
},
{
"names": [
"Yuval Yarom"
],
"organization": "University of Adelaide and NICTA",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-0702",
"discovery_date": "2016-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1310599"
}
],
"notes": [
{
"category": "description",
"text": "A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim\u0027s thread that is performing decryption, could use this flaw to recover RSA private keys.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenSSL: Side channel attack on modular exponentiation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0702"
},
{
"category": "external",
"summary": "RHBZ#1310599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310599"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0702",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0702"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0702",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0702"
},
{
"category": "external",
"summary": "http://cachebleed.info/",
"url": "http://cachebleed.info/"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160301.txt",
"url": "https://www.openssl.org/news/secadv/20160301.txt"
}
],
"release_date": "2016-03-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-03-09T14:10:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0379"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenSSL: Side channel attack on modular exponentiation"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
},
{
"names": [
"Adam Langley"
],
"organization": "Google/BoringSSL",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-0705",
"discovery_date": "2016-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1310596"
}
],
"notes": [
{
"category": "description",
"text": "A double-free flaw was found in the way OpenSSL parsed certain malformed DSA (Digital Signature Algorithm) private keys. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenSSL: Double-free in DSA code",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0705"
},
{
"category": "external",
"summary": "RHBZ#1310596",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310596"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0705"
}
],
"release_date": "2016-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-03-09T14:10:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0379"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenSSL: Double-free in DSA code"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
},
{
"names": [
"Guido Vranken"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-0797",
"discovery_date": "2016-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1311880"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow flaw, leading to a NULL pointer dereference or a heap-based memory corruption, was found in the way some BIGNUM functions of OpenSSL were implemented. Applications that use these functions with large untrusted input could crash or, potentially, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenSSL: BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0797"
},
{
"category": "external",
"summary": "RHBZ#1311880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1311880"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0797"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0797",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0797"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160301.txt",
"url": "https://www.openssl.org/news/secadv/20160301.txt"
}
],
"release_date": "2016-03-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-03-09T14:10:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0379"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenSSL: BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption"
},
{
"acknowledgments": [
{
"names": [
"the OpenSSL project"
]
},
{
"names": [
"Nimrod Aviram",
"Sebastian Schinzel"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-0800",
"discovery_date": "2016-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1310593"
}
],
"notes": [
{
"category": "description",
"text": "A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker could potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-0800"
},
{
"category": "external",
"summary": "RHBZ#1310593",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310593"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-0800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0800"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/2176731",
"url": "https://access.redhat.com/articles/2176731"
},
{
"category": "external",
"summary": "https://www.drownattack.com/",
"url": "https://www.drownattack.com/"
},
{
"category": "external",
"summary": "https://www.openssl.org/news/secadv/20160301.txt",
"url": "https://www.openssl.org/news/secadv/20160301.txt"
}
],
"release_date": "2016-03-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-03-09T14:10:28+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0379"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.noarch",
"6Server-RHEV-Hypervisor:rhev-hypervisor7-0:7.2-20160302.1.el6ev.src",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.noarch",
"7Server-RHEV-Hypervisor-7:rhev-hypervisor7-0:7.2-20160302.1.el7ev.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.