|
Bugzilla – Activity log for bug 1068390: VUL-0: CVE-2017-16837: tboot: Certain function pointers in Trusted Boot (tboot) through 1.9.6 are notvalidated and can cause arbitrary code execution, which allows local users tooverwrite dynamic PCRs of Trusted Platform Module (TPM) by h |
Back to bug 1068390
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| smash_bz | 2017-11-16 10:25:21 UTC | Whiteboard | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) | |
| matthias.gerstner | 2017-11-16 13:37:02 UTC | Status | NEW | IN_PROGRESS |
| swamp | 2017-11-16 15:42:23 UTC | Whiteboard | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) maint:planned:update |
| swamp | 2017-11-16 23:12:15 UTC | Priority | P5 - None | P3 - Medium |
| swamp | 2017-11-17 15:37:03 UTC | Whiteboard | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) maint:planned:update | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) ibs:running:5726:moderate |
| swamp | 2017-11-17 23:35:19 UTC | Whiteboard | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) ibs:running:5726:moderate | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) ibs:running:5726:moderate obs:running:7497:important |
| smash_bz | 2017-11-20 15:37:46 UTC | Whiteboard | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) ibs:running:5726:moderate obs:running:7497:important | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) ibs:running:5726:moderate obs:running:7497:important CVSSv3:RedHat:CVE-2017-16837:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) |
| swamp | 2017-11-24 15:35:45 UTC | Whiteboard | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) ibs:running:5726:moderate obs:running:7497:important CVSSv3:RedHat:CVE-2017-16837:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) obs:running:7497:important CVSSv3:RedHat:CVE-2017-16837:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) |
| astieger | 2017-11-25 19:58:54 UTC | Status | IN_PROGRESS | RESOLVED |
| CC | astieger, matthias.gerstner | |||
| Resolution | --- | FIXED | ||
| Assignee | matthias.gerstner | security-team | ||
| swamp | 2017-11-25 23:36:31 UTC | Whiteboard | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) obs:running:7497:important CVSSv3:RedHat:CVE-2017-16837:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) | CVSSv3:SUSE:CVE-2017-16837:7.4:(AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) CVSSv2:SUSE:CVE-2017-16837:6.9:(AV:L/AC:M/Au:N/C:C/I:C/A:C) CVSSv3:RedHat:CVE-2017-16837:5.5:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) |
Back to bug 1068390