Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-5728

Опубликовано: 27 апр. 2016
Источник: redhat
CVSS3: 5.3
CVSS2: 3.3

Описание

Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by changing a certain header, aka a "double fetch" vulnerability.

Race condition vulnerability was found in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1. MIC VOP driver does two successive reads from user space to read a variable length data structure. Local user can obtain sensitive information from kernel memory or can cause DoS by corrupting kernel memory if the data structure changes between the two reads.

Отчет

This issue does not affect the Linux kernels as shipped with Red Hat Enterprise Linux 4, 5, 6, 7 and Red Hat Enterprise MRG 2.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise MRG 2realtime-kernelNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-362
https://bugzilla.redhat.com/show_bug.cgi?id=1350811kernel: Race condition vulnerability in VOP driver

5.3 Medium

CVSS3

3.3 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-5728

CVSS3: 6.3
ubuntu
больше 9 лет назад

Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by changing a certain header, aka a "double fetch" vulnerability.

nvd логотип

CVE-2016-5728

CVSS3: 6.3
nvd
больше 9 лет назад

Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by changing a certain header, aka a "double fetch" vulnerability.

debian логотип

CVE-2016-5728

CVSS3: 6.3
debian
больше 9 лет назад

Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_v ...

github логотип

GHSA-h9vp-p9jj-8mmf

CVSS3: 6.3
github
больше 3 лет назад

Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by changing a certain header, aka a "double fetch" vulnerability.

5.3 Medium

CVSS3

3.3 Low

CVSS2