PT-2016-6699 · Fortinet+6 · Fortios+6

Publicado

2016-06-27

·

Atualizado

2024-06-15

·

CVE-2016-5829

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.6.3 FortiOS (affected versions not specified)
Description The issue is related to multiple heap-based buffer overflows in the Linux kernel, specifically in the hiddev ioctl usage function. This can be exploited by local users through crafted ioctl calls, such as HIDIOCGUSAGES or HIDIOCSUSAGES, potentially leading to a denial of service or other unspecified impacts. Additionally, there is a mention of a vulnerability in FortiOS, but details are not provided.
Recommendations For Linux kernel versions prior to 4.6.3: Update to a version newer than 4.6.3 to resolve the issue. For FortiOS: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2016-1795
ALT-PU-2016-1796
CESA-2016_2006
CESA-2016_2574
CVE-2016-5829
DLA-609-1
DSA-3616-1
MGASA-2016-0271
MGASA-2016-0283
MGASA-2016-0284
OPENSUSE-SU-2016_1798-1
OPENSUSE-SU-2016_2144-1
OPENSUSE-SU-2016_2184-1
OPENSUSE-SU-2024:10128-1
RHSA-2016:2006
RHSA-2016:2574
RHSA-2016:2584
RHSA-2016_2006
RHSA-2016_2574
RHSA-2016_2584
SUSE-SU-2016:1937-1
SUSE-SU-2016:1985-1
SUSE-SU-2016:2018-1
SUSE-SU-2016:2105-1
SUSE-SU-2016:2174-1
SUSE-SU-2016:2175-1
SUSE-SU-2016:2177-1
SUSE-SU-2016:2178-1
SUSE-SU-2016:2179-1
SUSE-SU-2016:2180-1
SUSE-SU-2016:2181-1
SUSE-SU-2016:2245-1
SUSE-SU-2017:0333-1
SUSE-SU-2017:0471-1
USN-3070-1
USN-3070-2
USN-3070-3
USN-3070-4
USN-3071-1
USN-3071-2
USN-3072-1
USN-3072-2

Produtos afetados

Alt Linux
Centos
Fortios
Linux Kernel
Red Hat
Suse
Ubuntu