PT-2016-1597 · Linux+2 · Linux Kernel+2

Zach Riggle

Publicado

2015-11-18

Atualizado

2022-01-31

CVE-2016-0821

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.3

Description The issue is related to errors in handling the mmap min addr variable in the LIST POISON function of the Linux kernel. This can allow a remote attacker to bypass a protection mechanism by triggering the use of an uninitialized list entry.

Recommendations For Linux kernel versions prior to 4.3, update to version 4.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the mmap min addr variable to minimize the risk of exploitation.

Correção

Use of Uninitialized Resource

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-254CWE-908

Identificadores relacionados

ALT-PU-2015-2010

ALT-PU-2016-1485

BDU:2016-00898

CVE-2016-0821

DLA-516-1

DSA-3607-1

USN-2967-1

USN-2967-2

USN-2968-1

USN-2968-2

USN-2969-1

USN-2970-1

USN-2971-1

USN-2971-2

USN-2971-3

Produtos afetados

Alt Linux

Linux Kernel

Ubuntu

PT-2016-1597 · Linux+2 · Linux Kernel+2

CVE-2016-0821

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 51