Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2017-AVI-016
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP2 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server pour Raspberry Pi 12-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP2 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 12-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP2 |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server pour Raspberry Pi 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-7917",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7917"
},
{
"name": "CVE-2016-7913",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7913"
},
{
"name": "CVE-2016-9793",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9793"
},
{
"name": "CVE-2015-1350",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1350"
},
{
"name": "CVE-2016-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7425"
},
{
"name": "CVE-2016-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7039"
},
{
"name": "CVE-2016-9919",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9919"
},
{
"name": "CVE-2016-9083",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9083"
},
{
"name": "CVE-2016-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7042"
},
{
"name": "CVE-2016-8645",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8645"
},
{
"name": "CVE-2016-8666",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8666"
},
{
"name": "CVE-2015-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
},
{
"name": "CVE-2016-9084",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9084"
}
],
"initial_release_date": "2017-01-18T00:00:00",
"last_revision_date": "2017-01-18T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:0181-1 du 17 janvier 2017",
"url": "https://www.suse.com//support/update/announcement/2017/suse-su-20170181-1.html"
}
],
"reference": "CERTFR-2017-AVI-016",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-01-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:0181-1 du 17 janvier 2017",
"url": null
}
]
}
CVE-2016-9793 (GCVE-0-2016-9793)
Vulnerability from cvelistv5
Published
2016-12-28 07:42
Modified
2024-08-06 02:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
},
{
"name": "1037968",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037968"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
},
{
"name": "RHSA-2017:0932",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0932"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793"
},
{
"name": "94655",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94655"
},
{
"name": "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/03/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14"
},
{
"name": "RHSA-2017:0933",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0933"
},
{
"name": "RHSA-2017:0931",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0931"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-03-01.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
},
{
"name": "1037968",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037968"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
},
{
"name": "RHSA-2017:0932",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0932"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793"
},
{
"name": "94655",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94655"
},
{
"name": "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/03/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14"
},
{
"name": "RHSA-2017:0933",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0933"
},
{
"name": "RHSA-2017:0931",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0931"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-03-01.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
},
{
"name": "1037968",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037968"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290"
},
{
"name": "RHSA-2017:0932",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0932"
},
{
"name": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793",
"refsource": "MISC",
"url": "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793"
},
{
"name": "94655",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94655"
},
{
"name": "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/03/1"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14"
},
{
"name": "RHSA-2017:0933",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0933"
},
{
"name": "RHSA-2017:0931",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0931"
},
{
"name": "https://source.android.com/security/bulletin/2017-03-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-03-01.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1402013",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9793",
"datePublished": "2016-12-28T07:42:00",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-08-06T02:59:03.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8645 (GCVE-0-2016-8645)
Vulnerability from cvelistv5
Published
2016-11-28 03:01
Modified
2024-08-06 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:41.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20161130 Re: CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/30/3"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393904"
},
{
"name": "94264",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94264"
},
{
"name": "1037285",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037285"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.10"
},
{
"name": "[oss-security] 20161111 CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/11/3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac6e780070e30e4c35bd395acfe9191e6268bdd3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/ac6e780070e30e4c35bd395acfe9191e6268bdd3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20161130 Re: CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/30/3"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1393904"
},
{
"name": "94264",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94264"
},
{
"name": "1037285",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037285"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.10"
},
{
"name": "[oss-security] 20161111 CVE-2016-8645: linux kernel: net: a BUG() statement can be hit in net/ipv4/tcp_input.c",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/11/11/3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ac6e780070e30e4c35bd395acfe9191e6268bdd3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/ac6e780070e30e4c35bd395acfe9191e6268bdd3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-8645",
"datePublished": "2016-11-28T03:01:00",
"dateReserved": "2016-10-12T00:00:00",
"dateUpdated": "2024-08-06T02:27:41.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9919 (GCVE-0-2016-9919)
Vulnerability from cvelistv5
Published
2016-12-08 17:00
Modified
2024-08-06 03:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:07:31.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "94824",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94824"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2"
},
{
"name": "[oss-security] 20161208 CVE request: Linux panic on fragemented IPv6 traffic (icmp6_send)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/08/15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-13T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "94824",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94824"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2"
},
{
"name": "[oss-security] 20161208 CVE request: Linux panic on fragemented IPv6 traffic (icmp6_send)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/08/15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "94824",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94824"
},
{
"name": "https://github.com/torvalds/linux/commit/79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2"
},
{
"name": "[oss-security] 20161208 CVE request: Linux panic on fragemented IPv6 traffic (icmp6_send)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/12/08/15"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79dc7e3f1cd323be4c81aa1a94faa1b3ed987fb2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9919",
"datePublished": "2016-12-08T17:00:00",
"dateReserved": "2016-12-08T00:00:00",
"dateUpdated": "2024-08-06T03:07:31.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7913 (GCVE-0-2016-7913)
Vulnerability from cvelistv5
Published
2016-11-16 04:49
Modified
2024-08-06 02:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "RHSA-2018:1062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/8dfbcc4351a0b6d2f2d77f367552f48ffefafe18"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dfbcc4351a0b6d2f2d77f367552f48ffefafe18"
},
{
"name": "94201",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94201"
},
{
"name": "USN-3798-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3798-1/"
},
{
"name": "USN-3798-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3798-2/"
},
{
"name": "RHSA-2019:1170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"name": "RHSA-2019:1190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-05-14T22:06:08",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "RHSA-2018:1062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/8dfbcc4351a0b6d2f2d77f367552f48ffefafe18"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dfbcc4351a0b6d2f2d77f367552f48ffefafe18"
},
{
"name": "94201",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94201"
},
{
"name": "USN-3798-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3798-1/"
},
{
"name": "USN-3798-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3798-2/"
},
{
"name": "RHSA-2019:1170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"name": "RHSA-2019:1190",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-7913",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "RHSA-2018:1062",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "https://github.com/torvalds/linux/commit/8dfbcc4351a0b6d2f2d77f367552f48ffefafe18",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/8dfbcc4351a0b6d2f2d77f367552f48ffefafe18"
},
{
"name": "RHSA-2018:0676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dfbcc4351a0b6d2f2d77f367552f48ffefafe18",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8dfbcc4351a0b6d2f2d77f367552f48ffefafe18"
},
{
"name": "94201",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94201"
},
{
"name": "USN-3798-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3798-1/"
},
{
"name": "USN-3798-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3798-2/"
},
{
"name": "RHSA-2019:1170",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"name": "RHSA-2019:1190",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2016-7913",
"datePublished": "2016-11-16T04:49:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:20.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9084 (GCVE-0-2016-9084)
Vulnerability from cvelistv5
Published
2016-11-28 03:01
Modified
2024-08-06 02:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:42:10.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1389259"
},
{
"name": "[oss-security] 20161027 kernel: low-severity vfio driver integer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/26/11"
},
{
"name": "93930",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93930"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchwork.kernel.org/patch/9373631/"
},
{
"name": "RHSA-2017:0387",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0387.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"name": "RHSA-2017:0386",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0386.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1389259"
},
{
"name": "[oss-security] 20161027 kernel: low-severity vfio driver integer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/26/11"
},
{
"name": "93930",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93930"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchwork.kernel.org/patch/9373631/"
},
{
"name": "RHSA-2017:0387",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0387.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"name": "RHSA-2017:0386",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0386.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9084",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1389259",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1389259"
},
{
"name": "[oss-security] 20161027 kernel: low-severity vfio driver integer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/26/11"
},
{
"name": "93930",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93930"
},
{
"name": "https://patchwork.kernel.org/patch/9373631/",
"refsource": "CONFIRM",
"url": "https://patchwork.kernel.org/patch/9373631/"
},
{
"name": "RHSA-2017:0387",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0387.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"name": "https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"name": "RHSA-2017:0386",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0386.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9084",
"datePublished": "2016-11-28T03:01:00",
"dateReserved": "2016-10-27T00:00:00",
"dateUpdated": "2024-08-06T02:42:10.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1350 (GCVE-0-2015-1350)
Vulnerability from cvelistv5
Published
2016-05-02 10:00
Modified
2024-08-06 04:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:18.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139"
},
{
"name": "76075",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/76075"
},
{
"name": "[linux-kernel] 20150117 [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=142153722930533\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492"
},
{
"name": "[oss-security] 20150124 Re: CVE Request: Linux kernel - Denial of service in notify_change for xattrs.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/24/5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-01T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139"
},
{
"name": "76075",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/76075"
},
{
"name": "[linux-kernel] 20150117 [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-kernel\u0026m=142153722930533\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492"
},
{
"name": "[oss-security] 20150124 Re: CVE Request: Linux kernel - Denial of service in notify_change for xattrs.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/24/5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-1350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185139"
},
{
"name": "76075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76075"
},
{
"name": "[linux-kernel] 20150117 [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-kernel\u0026m=142153722930533\u0026w=2"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492"
},
{
"name": "[oss-security] 20150124 Re: CVE Request: Linux kernel - Denial of service in notify_change for xattrs.",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/24/5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-1350",
"datePublished": "2016-05-02T10:00:00",
"dateReserved": "2015-01-24T00:00:00",
"dateUpdated": "2024-08-06T04:40:18.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9083 (GCVE-0-2016-9083)
Vulnerability from cvelistv5
Published
2016-11-28 03:01
Modified
2024-08-06 02:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug."
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:42:10.488Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20161027 kernel: low-severity vfio driver integer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/26/11"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchwork.kernel.org/patch/9373631/"
},
{
"name": "RHSA-2017:0387",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0387.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1389258"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"name": "RHSA-2017:0386",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0386.html"
},
{
"name": "93929",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93929"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a \"state machine confusion bug.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20161027 kernel: low-severity vfio driver integer overflow",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/26/11"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchwork.kernel.org/patch/9373631/"
},
{
"name": "RHSA-2017:0387",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0387.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1389258"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"name": "RHSA-2017:0386",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0386.html"
},
{
"name": "93929",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93929"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-9083",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a \"state machine confusion bug.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20161027 kernel: low-severity vfio driver integer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/26/11"
},
{
"name": "https://patchwork.kernel.org/patch/9373631/",
"refsource": "CONFIRM",
"url": "https://patchwork.kernel.org/patch/9373631/"
},
{
"name": "RHSA-2017:0387",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0387.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1389258",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1389258"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"name": "https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a"
},
{
"name": "RHSA-2017:0386",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0386.html"
},
{
"name": "93929",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93929"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-9083",
"datePublished": "2016-11-28T03:01:00",
"dateReserved": "2016-10-27T00:00:00",
"dateUpdated": "2024-08-06T02:42:10.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7917 (GCVE-0-2016-7917)
Vulnerability from cvelistv5
Published
2016-11-16 04:49
Modified
2024-08-06 02:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:20.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-11-01.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c58d6c93680f28ac58984af61d0a7ebf4319c241"
},
{
"name": "94147",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94147"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/c58d6c93680f28ac58984af61d0a7ebf4319c241"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message\u0027s length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-11-01.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c58d6c93680f28ac58984af61d0a7ebf4319c241"
},
{
"name": "94147",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94147"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/c58d6c93680f28ac58984af61d0a7ebf4319c241"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-7917",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message\u0027s length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c58d6c93680f28ac58984af61d0a7ebf4319c241",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c58d6c93680f28ac58984af61d0a7ebf4319c241"
},
{
"name": "94147",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94147"
},
{
"name": "https://github.com/torvalds/linux/commit/c58d6c93680f28ac58984af61d0a7ebf4319c241",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/c58d6c93680f28ac58984af61d0a7ebf4319c241"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2016-7917",
"datePublished": "2016-11-16T04:49:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:20.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7425 (GCVE-0-2016-7425)
Vulnerability from cvelistv5
Published
2016-10-16 21:00
Modified
2024-08-06 01:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:57:47.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3146-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3146-2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377330"
},
{
"name": "USN-3144-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3144-2"
},
{
"name": "USN-3146-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3146-1"
},
{
"name": "USN-3145-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3145-1"
},
{
"name": "[oss-security] 20160916 Re: linux kernel SCSI arcmsr driver: buffer overflow in arcmsr_iop_message_xfer()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/17/2"
},
{
"name": "[linux-kernel] 20160915 Re: [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-scsi\u0026m=147394796228991\u0026w=2"
},
{
"name": "USN-3144-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3144-1"
},
{
"name": "USN-3147-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3147-1"
},
{
"name": "[linux-kernel] 20160915 [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=linux-scsi\u0026m=147394713328707\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7bc2b55a5c030685b399bb65b6baa9ccc3d1f167"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2016-7425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167"
},
{
"name": "USN-3145-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3145-2"
},
{
"name": "93037",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93037"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-04T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-3146-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3146-2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377330"
},
{
"name": "USN-3144-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3144-2"
},
{
"name": "USN-3146-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3146-1"
},
{
"name": "USN-3145-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3145-1"
},
{
"name": "[oss-security] 20160916 Re: linux kernel SCSI arcmsr driver: buffer overflow in arcmsr_iop_message_xfer()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/09/17/2"
},
{
"name": "[linux-kernel] 20160915 Re: [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-scsi\u0026m=147394796228991\u0026w=2"
},
{
"name": "USN-3144-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3144-1"
},
{
"name": "USN-3147-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3147-1"
},
{
"name": "[linux-kernel] 20160915 [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=linux-scsi\u0026m=147394713328707\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7bc2b55a5c030685b399bb65b6baa9ccc3d1f167"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2016-7425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167"
},
{
"name": "USN-3145-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3145-2"
},
{
"name": "93037",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93037"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3146-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3146-2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1377330",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377330"
},
{
"name": "USN-3144-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3144-2"
},
{
"name": "USN-3146-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3146-1"
},
{
"name": "USN-3145-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3145-1"
},
{
"name": "[oss-security] 20160916 Re: linux kernel SCSI arcmsr driver: buffer overflow in arcmsr_iop_message_xfer()",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/09/17/2"
},
{
"name": "[linux-kernel] 20160915 Re: [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-scsi\u0026m=147394796228991\u0026w=2"
},
{
"name": "USN-3144-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3144-1"
},
{
"name": "USN-3147-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3147-1"
},
{
"name": "[linux-kernel] 20160915 [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-scsi\u0026m=147394713328707\u0026w=2"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7bc2b55a5c030685b399bb65b6baa9ccc3d1f167",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7bc2b55a5c030685b399bb65b6baa9ccc3d1f167"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2016-7425",
"refsource": "CONFIRM",
"url": "https://security-tracker.debian.org/tracker/CVE-2016-7425"
},
{
"name": "https://github.com/torvalds/linux/commit/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167"
},
{
"name": "USN-3145-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3145-2"
},
{
"name": "93037",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93037"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-7425",
"datePublished": "2016-10-16T21:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T01:57:47.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7042 (GCVE-0-2016-7042)
Vulnerability from cvelistv5
Published
2016-10-16 21:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"
},
{
"name": "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "RHSA-2017:0817",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "93544",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93544"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"
},
{
"name": "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "RHSA-2017:0817",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "93544",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93544"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"
},
{
"name": "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"
},
{
"name": "RHSA-2017:2669",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "RHSA-2017:0817",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
},
{
"name": "RHSA-2017:2077",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "93544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93544"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-7042",
"datePublished": "2016-10-16T21:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:47.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8964 (GCVE-0-2015-8964)
Vulnerability from cvelistv5
Published
2016-11-16 04:49
Modified
2024-08-06 08:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:30.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-11-01.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/dd42bf1197144ede075a9d4793123f7689e164bc"
},
{
"name": "94138",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94138"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-11-01.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/dd42bf1197144ede075a9d4793123f7689e164bc"
},
{
"name": "94138",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94138"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-8964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc"
},
{
"name": "https://github.com/torvalds/linux/commit/dd42bf1197144ede075a9d4793123f7689e164bc",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/dd42bf1197144ede075a9d4793123f7689e164bc"
},
{
"name": "94138",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/94138"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2015-8964",
"datePublished": "2016-11-16T04:49:00",
"dateReserved": "2016-10-03T00:00:00",
"dateUpdated": "2024-08-06T08:36:30.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7039 (GCVE-0-2016-7039)
Vulnerability from cvelistv5
Published
2016-10-16 21:00
Modified
2024-08-06 01:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:46.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:2107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"
},
{
"name": "RHSA-2017:0372",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0372"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa134"
},
{
"name": "[oss-security] 20161010 CVE-2016-7039 Kernel: net: unbounded recursion in the vlan GRO processing",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/10/15"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375944"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://patchwork.ozlabs.org/patch/680412/"
},
{
"name": "RHSA-2016:2047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2047.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"name": "RHSA-2016:2110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"
},
{
"name": "93476",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93476"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2016:2107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"
},
{
"name": "RHSA-2017:0372",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0372"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa134"
},
{
"name": "[oss-security] 20161010 CVE-2016-7039 Kernel: net: unbounded recursion in the vlan GRO processing",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/10/15"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375944"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://patchwork.ozlabs.org/patch/680412/"
},
{
"name": "RHSA-2016:2047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2047.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"name": "RHSA-2016:2110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"
},
{
"name": "93476",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93476"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7039",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:2107",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"
},
{
"name": "RHSA-2017:0372",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0372"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa134",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa134"
},
{
"name": "[oss-security] 20161010 CVE-2016-7039 Kernel: net: unbounded recursion in the vlan GRO processing",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/10/15"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1375944",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375944"
},
{
"name": "https://patchwork.ozlabs.org/patch/680412/",
"refsource": "CONFIRM",
"url": "https://patchwork.ozlabs.org/patch/680412/"
},
{
"name": "RHSA-2016:2047",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2047.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"
},
{
"name": "RHSA-2016:2110",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"
},
{
"name": "93476",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93476"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-7039",
"datePublished": "2016-10-16T21:00:00",
"dateReserved": "2016-08-23T00:00:00",
"dateUpdated": "2024-08-06T01:50:46.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8666 (GCVE-0-2016-8666)
Vulnerability from cvelistv5
Published
2016-10-16 21:00
Modified
2024-08-06 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:41.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2016:2107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"
},
{
"name": "RHSA-2017:0372",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0372"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa134"
},
{
"name": "93562",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93562"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fac8e0f579695a3ecbc4d3cac369139d7f819971"
},
{
"name": "RHSA-2016:2047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2047.html"
},
{
"name": "RHSA-2016:2110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"
},
{
"name": "[oss-security] 20161013 CVE Request: another recursion in GRE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/13/11"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/fac8e0f579695a3ecbc4d3cac369139d7f819971"
},
{
"name": "RHSA-2017:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0004.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384991"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1001486"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:16:08",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"name": "RHSA-2016:2107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"
},
{
"name": "RHSA-2017:0372",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:0372"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bto.bluecoat.com/security-advisory/sa134"
},
{
"name": "93562",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93562"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fac8e0f579695a3ecbc4d3cac369139d7f819971"
},
{
"name": "RHSA-2016:2047",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2047.html"
},
{
"name": "RHSA-2016:2110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"
},
{
"name": "[oss-security] 20161013 CVE Request: another recursion in GRE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/13/11"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/fac8e0f579695a3ecbc4d3cac369139d7f819971"
},
{
"name": "RHSA-2017:0004",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0004.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384991"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1001486"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2016-8666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2016:2107",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2107.html"
},
{
"name": "RHSA-2017:0372",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:0372"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa134",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa134"
},
{
"name": "93562",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93562"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fac8e0f579695a3ecbc4d3cac369139d7f819971",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fac8e0f579695a3ecbc4d3cac369139d7f819971"
},
{
"name": "RHSA-2016:2047",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2047.html"
},
{
"name": "RHSA-2016:2110",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2110.html"
},
{
"name": "[oss-security] 20161013 CVE Request: another recursion in GRE",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/13/11"
},
{
"name": "https://github.com/torvalds/linux/commit/fac8e0f579695a3ecbc4d3cac369139d7f819971",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/fac8e0f579695a3ecbc4d3cac369139d7f819971"
},
{
"name": "RHSA-2017:0004",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0004.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1384991",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384991"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1001486",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1001486"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2016-8666",
"datePublished": "2016-10-16T21:00:00",
"dateReserved": "2016-10-14T00:00:00",
"dateUpdated": "2024-08-06T02:27:41.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…