PT-2016-6699 · Fortinet+6 · Fortios+6

Published

2016-06-27

·

Updated

2024-06-15

·

CVE-2016-5829

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.6.3 FortiOS (affected versions not specified)
Description The issue is related to multiple heap-based buffer overflows in the Linux kernel, specifically in the hiddev ioctl usage function. This can be exploited by local users through crafted ioctl calls, such as HIDIOCGUSAGES or HIDIOCSUSAGES, potentially leading to a denial of service or other unspecified impacts. Additionally, there is a mention of a vulnerability in FortiOS, but details are not provided.
Recommendations For Linux kernel versions prior to 4.6.3: Update to a version newer than 4.6.3 to resolve the issue. For FortiOS: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALT-PU-2016-1795
ALT-PU-2016-1796
CESA-2016_2006
CESA-2016_2574
CVE-2016-5829
DLA-609-1
DSA-3616-1
MGASA-2016-0271
MGASA-2016-0283
MGASA-2016-0284
OPENSUSE-SU-2016_1798-1
OPENSUSE-SU-2016_2144-1
OPENSUSE-SU-2016_2184-1
OPENSUSE-SU-2024:10128-1
RHSA-2016:2006
RHSA-2016:2574
RHSA-2016:2584
RHSA-2016_2006
RHSA-2016_2574
RHSA-2016_2584
SUSE-SU-2016:1937-1
SUSE-SU-2016:1985-1
SUSE-SU-2016:2018-1
SUSE-SU-2016:2105-1
SUSE-SU-2016:2174-1
SUSE-SU-2016:2175-1
SUSE-SU-2016:2177-1
SUSE-SU-2016:2178-1
SUSE-SU-2016:2179-1
SUSE-SU-2016:2180-1
SUSE-SU-2016:2181-1
SUSE-SU-2016:2245-1
SUSE-SU-2017:0333-1
SUSE-SU-2017:0471-1
USN-3070-1
USN-3070-2
USN-3070-3
USN-3070-4
USN-3071-1
USN-3071-2
USN-3072-1
USN-3072-2

Affected Products

Alt Linux
Centos
Fortios
Linux Kernel
Red Hat
Suse
Ubuntu