CVE-2016-4951

Опубликовано: 16 мая 2016

Источник: redhat

CVSS2: 4.9

Описание

The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dumpit operation.

A vulnerability was found in the Linux kernel. The pointer to the netlink socket attribute is not checked, which could cause a null pointer dereference when parsing the nested attributes in function tipc_nl_publ_dump(). This allows local users to cause a DoS.

Отчет

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG-2, as there is no code which introduced the flaw in the products listed.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-476

https://bugzilla.redhat.com/show_bug.cgi?id=1338625kernel: Null pointer dereference in tipc_nl_publ_dump

4.9 Medium

CVSS2

Связанные уязвимости

CVE-2016-4951

CVSS3: 7.8

ubuntu

около 9 лет назад

CVE-2016-4951

CVSS3: 7.8

nvd

около 9 лет назад

CVE-2016-4951

CVSS3: 7.8

debian

около 9 лет назад

The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kerne ...

GHSA-6wx6-p39m-8v66

CVSS3: 7.8

github

около 3 лет назад

ELSA-2016-3596

oracle-oval

почти 9 лет назад

ELSA-2016-3596: Unbreakable Enterprise kernel security update (IMPORTANT)

4.9 Medium

CVSS2