Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-9806

Опубликовано: 28 дек. 2016
Источник: nvd
CVSS3: 7.8
CVSS2: 7.2
EPSS Низкий

Описание

Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 3.12 (включая) до 3.12.62 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 3.13 (включая) до 3.14.73 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 3.15 (включая) до 3.16.37 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 3.17 (включая) до 3.18.37 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 3.19 (включая) до 4.1.28 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.2 (включая) до 4.4.14 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.5 (включая) до 4.6.3 (исключая)

EPSS

Процентиль: 17%
0.00053
Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-362

Связанные уязвимости

ubuntu логотип

CVE-2016-9806

CVSS3: 7.8
ubuntu
больше 8 лет назад

Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.

redhat логотип

CVE-2016-9806

CVSS3: 7.8
redhat
около 9 лет назад

Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.

debian логотип

CVE-2016-9806

CVSS3: 7.8
debian
больше 8 лет назад

Race condition in the netlink_dump function in net/netlink/af_netlink. ...

suse-cvrf логотип

SUSE-SU-2017:0303-1

suse-cvrf
больше 8 лет назад

Security update for Linux Kernel Live Patch 18 for SLE 12

github логотип

GHSA-3fhq-qffp-rp75

CVSS3: 7.8
github
около 3 лет назад

Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.

EPSS

Процентиль: 17%
0.00053
Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-362