PT-2016-7812 · Linux+4 · Linux Kernel+4

Adam Mariš

Publicado

2016-04-13

Atualizado

2018-01-05

CVE-2016-9685

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.5.1

Description The issue is related to multiple memory leaks in error paths in the fs/xfs/xfs attr list.c file. This can be exploited by local users through crafted XFS filesystem operations, leading to a denial of service due to memory consumption.

Recommendations For Linux kernel versions prior to 4.5.1, update to version 4.5.1 or later to resolve the issue. As a temporary workaround, consider restricting access to XFS filesystem operations to minimize the risk of exploitation.

Correção

DoS

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-400

Identificadores relacionados

ALT-PU-2016-1331

ALT-PU-2017-1330

CESA-2017_1842

CVE-2016-9685

RHSA-2017:1842

RHSA-2017:2077

RHSA-2017:2669

RHSA-2017_1842

RHSA-2017_2077

SUSE-SU-2017:0333-1

SUSE-SU-2017:0437-1

SUSE-SU-2017:0494-1

SUSE-SU-2017:1102-1

USN-3187-1

USN-3187-2

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2016-7812 · Linux+4 · Linux Kernel+4

CVE-2016-9685

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 288