PT-2016-5150 · Linux+3 · Linux Kernel+3

Andrej Nemec

Published

2016-02-15

Updated

2022-01-31

CVE-2016-2383

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.5

Description The issue allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions. This is due to the adjust branches function in kernel/bpf/verifier.c not considering the delta in the backward-jump case.

Recommendations For Linux kernel versions prior to 4.5, update to version 4.5 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2016-1262

ALT-PU-2017-1330

CVE-2016-2383

OPENSUSE-SU-2016_1008-1

USN-2947-1

USN-2947-2

USN-2947-3

Affected Products

Alt Linux

Linux Kernel

Suse

Ubuntu

PT-2016-5150 · Linux+3 · Linux Kernel+3

CVE-2016-2383

Related Identifiers

Affected Products

References · 24