PT-2016-6698 · Linux+5 · Linux Kernel+5

Cyril Bur

Publicado

2016-03-17

Atualizado

2023-01-17

CVE-2016-5828

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.6.3 on powerpc platforms

Description The issue is related to the mishandling of transactional state by the start thread function in the Linux kernel, which can be exploited by local users to cause a denial of service, resulting in an invalid process state or a TM Bad Thing exception, and potentially leading to a system crash. The exploitation involves starting and suspending a transaction before an exec system call.

Recommendations For Linux kernel versions prior to 4.6.3 on powerpc platforms: update to a version that includes the fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

ALT-PU-2016-1262

ALT-PU-2016-1795

ALT-PU-2016-1796

CESA-2016_2574

CVE-2016-5828

DSA-3616-1

OPENSUSE-SU-2016_2184-1

RHSA-2016:2574

RHSA-2016_2574

SUSE-SU-2016:1937-1

SUSE-SU-2016:2105-1

SUSE-SU-2017:0471-1

USN-3070-1

USN-3070-2

USN-3070-3

USN-3070-4

USN-3071-1

USN-3071-2

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2016-6698 · Linux+5 · Linux Kernel+5

CVE-2016-5828

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 278