CVE-2016-6522

Опубликовано: 07 мар. 2017

Источник: nvd

CVSS3: 5.5

CVSS2: 4.9

EPSS Низкий

Описание

Integer overflow in the uvm_map_isavail function in uvm/uvm_map.c in OpenBSD 5.9 allows local users to cause a denial of service (kernel panic) via a crafted mmap call, which triggers the new mapping to overlap with an existing mapping.

Ссылки

http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/023_uvmisavail.patch.sig
Patch
http://www.openwall.com/lists/oss-security/2016/08/02/12
Exploit
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/08/02/8
Exploit
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/92264
http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/023_uvmisavail.patch.sig
Patch
http://www.openwall.com/lists/oss-security/2016/08/02/12
Exploit
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/08/02/8
Exploit
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/92264

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:openbsd:openbsd:5.9:*:*:*:*:*:*:*

EPSS

Процентиль: 24%

0.00083

Низкий

5.5 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-190

Связанные уязвимости

GHSA-3g72-28w7-c4jp