PT-2016-1585 · Linux+2 · Linux Kernel+2

Mark Seaborn

Publicado

2015-03-27

Atualizado

2017-02-17

CVE-2016-0823

CVSS v3.1

4.0

Média

Vetor

AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.19.3

Description The issue is related to the pagemap open function in fs/proc/task mmu.c of the Linux kernel, which lacks protection of internal data. This can be exploited by a local attacker to gain access to sensitive information by reading the pagemap file. The exploitation allows local users to obtain sensitive physical-address information.

Recommendations For Linux kernel versions prior to 3.19.3, update to version 3.19.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the pagemap file to minimize the risk of exploitation.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

ALT-PU-2015-1326

ALT-PU-2015-1849

BDU:2016-00886

CVE-2016-0823

OPENSUSE-SU-2016_2625-1

SUSE-SU-2016:2976-1

SUSE-SU-2016:3069-1

SUSE-SU-2017:0333-1

SUSE-SU-2017:0494-1

Produtos afetados

Alt Linux

Linux Kernel

Suse

PT-2016-1585 · Linux+2 · Linux Kernel+2

CVE-2016-0823

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 253