ID CVE-2016-0758
Summary Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
References
Vulnerable Configurations
  • Red Hat Enterprise Linux Server EUS 7.2
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2
  • Red Hat Enterprise Linux Server AUS 7.2
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2
  • Red Hat Enterprise Linux HPC Node EUS 7.2
    cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2
  • RedHat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
  • RedHat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • RedHat Enterprise Linux HPC Node 7.0
    cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0
  • RedHat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • Linux Kernel 4.5.0
    cpe:2.3:o:linux:linux_kernel:4.5.0
CVSS
Base: 7.2 (as of 15-07-2016 - 10:07)
Impact:
Exploitability:
Access
  • Vector: LOCAL
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: COMPLETE
  • Integrity: COMPLETE
  • Availability: COMPLETE
redhat via4
advisories
  • bugzilla
    id 1322033
    title kernel-rt: update to the RHEL7.2.z batch#4 source tree
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment kernel-rt is earlier than 0:3.10.0-327.18.2.rt56.223.el7_2
          oval oval:com.redhat.rhsa:tst:20161051013
        • comment kernel-rt is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727006
      • AND
        • comment kernel-rt-debug is earlier than 0:3.10.0-327.18.2.rt56.223.el7_2
          oval oval:com.redhat.rhsa:tst:20161051011
        • comment kernel-rt-debug is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727014
      • AND
        • comment kernel-rt-debug-devel is earlier than 0:3.10.0-327.18.2.rt56.223.el7_2
          oval oval:com.redhat.rhsa:tst:20161051021
        • comment kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727016
      • AND
        • comment kernel-rt-debug-kvm is earlier than 0:3.10.0-327.18.2.rt56.223.el7_2
          oval oval:com.redhat.rhsa:tst:20161051023
        • comment kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152411008
      • AND
        • comment kernel-rt-devel is earlier than 0:3.10.0-327.18.2.rt56.223.el7_2
          oval oval:com.redhat.rhsa:tst:20161051009
        • comment kernel-rt-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727012
      • AND
        • comment kernel-rt-doc is earlier than 0:3.10.0-327.18.2.rt56.223.el7_2
          oval oval:com.redhat.rhsa:tst:20161051005
        • comment kernel-rt-doc is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727022
      • AND
        • comment kernel-rt-kvm is earlier than 0:3.10.0-327.18.2.rt56.223.el7_2
          oval oval:com.redhat.rhsa:tst:20161051015
        • comment kernel-rt-kvm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152411024
      • AND
        • comment kernel-rt-trace is earlier than 0:3.10.0-327.18.2.rt56.223.el7_2
          oval oval:com.redhat.rhsa:tst:20161051007
        • comment kernel-rt-trace is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727008
      • AND
        • comment kernel-rt-trace-devel is earlier than 0:3.10.0-327.18.2.rt56.223.el7_2
          oval oval:com.redhat.rhsa:tst:20161051019
        • comment kernel-rt-trace-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20150727010
      • AND
        • comment kernel-rt-trace-kvm is earlier than 0:3.10.0-327.18.2.rt56.223.el7_2
          oval oval:com.redhat.rhsa:tst:20161051017
        • comment kernel-rt-trace-kvm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152411014
    rhsa
    id RHSA-2016:1051
    released 2016-05-12
    severity Important
    title RHSA-2016:1051: kernel-rt security, bug fix, and enhancement update (Important)
  • rhsa
    id RHSA-2016:1033
  • rhsa
    id RHSA-2016:1055
rpms
  • kernel-0:3.10.0-327.18.2.el7
  • kernel-abi-whitelists-0:3.10.0-327.18.2.el7
  • kernel-bootwrapper-0:3.10.0-327.18.2.el7
  • kernel-debug-0:3.10.0-327.18.2.el7
  • kernel-debug-devel-0:3.10.0-327.18.2.el7
  • kernel-devel-0:3.10.0-327.18.2.el7
  • kernel-doc-0:3.10.0-327.18.2.el7
  • kernel-headers-0:3.10.0-327.18.2.el7
  • kernel-kdump-0:3.10.0-327.18.2.el7
  • kernel-kdump-devel-0:3.10.0-327.18.2.el7
  • kernel-tools-0:3.10.0-327.18.2.el7
  • kernel-tools-libs-0:3.10.0-327.18.2.el7
  • kernel-tools-libs-devel-0:3.10.0-327.18.2.el7
  • perf-0:3.10.0-327.18.2.el7
  • python-perf-0:3.10.0-327.18.2.el7
  • kernel-rt-0:3.10.0-327.18.2.rt56.223.el7_2
  • kernel-rt-debug-0:3.10.0-327.18.2.rt56.223.el7_2
  • kernel-rt-debug-devel-0:3.10.0-327.18.2.rt56.223.el7_2
  • kernel-rt-debug-kvm-0:3.10.0-327.18.2.rt56.223.el7_2
  • kernel-rt-devel-0:3.10.0-327.18.2.rt56.223.el7_2
  • kernel-rt-doc-0:3.10.0-327.18.2.rt56.223.el7_2
  • kernel-rt-kvm-0:3.10.0-327.18.2.rt56.223.el7_2
  • kernel-rt-trace-0:3.10.0-327.18.2.rt56.223.el7_2
  • kernel-rt-trace-devel-0:3.10.0-327.18.2.rt56.223.el7_2
  • kernel-rt-trace-kvm-0:3.10.0-327.18.2.rt56.223.el7_2
refmap via4
bid 90626
confirm
hp HPSBHF3548
mlist [oss-security] 20160513 CVE-2016-0758 - Linux kernel - Flaw in ASN.1 DER decoder for x509 certificate DER files.
suse
  • SUSE-SU-2016:1672
  • SUSE-SU-2016:1690
  • SUSE-SU-2016:1937
  • SUSE-SU-2016:1961
  • SUSE-SU-2016:1985
  • SUSE-SU-2016:1994
  • SUSE-SU-2016:1995
  • SUSE-SU-2016:2000
  • SUSE-SU-2016:2001
  • SUSE-SU-2016:2002
  • SUSE-SU-2016:2003
  • SUSE-SU-2016:2005
  • SUSE-SU-2016:2006
  • SUSE-SU-2016:2007
  • SUSE-SU-2016:2009
  • SUSE-SU-2016:2010
  • SUSE-SU-2016:2011
  • SUSE-SU-2016:2014
  • SUSE-SU-2016:2105
  • openSUSE-SU-2016:1641
  • openSUSE-SU-2016:2184
ubuntu USN-2979-4
Last major update 28-11-2016 - 14:55
Published 27-06-2016 - 06:59