PT-2016-6763 · Linux+4 · Linux Kernel+4

Pengfei Wang

Published

2016-08-06

Updated

2018-01-05

CVE-2016-6136

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.8

Description The issue is related to a race condition in the audit log single execve arg function, allowing local users to bypass character-set restrictions or disrupt system-call auditing by changing a certain string. This is due to a "double fetch" vulnerability.

Recommendations For Linux kernel versions prior to 4.8, update to version 4.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the audit log single execve arg function until a patch is available.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

ALT-PU-2016-1862

ALT-PU-2017-1330

CESA-2016_2574

CESA-2017_0307

CVE-2016-6136

DLA-609-1

DSA-3659-1

RHSA-2016:2574

RHSA-2016:2584

RHSA-2016_2574

RHSA-2016_2584

RHSA-2017:0307

RHSA-2017_0307

USN-3084-1

USN-3084-2

USN-3084-3

USN-3084-4

USN-3097-1

USN-3097-2

USN-3098-1

USN-3098-2

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

Ubuntu

PT-2016-6763 · Linux+4 · Linux Kernel+4

CVE-2016-6136

Weakness Enumeration

Related Identifiers

Affected Products

References · 43