Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-5829

Опубликовано: 25 июн. 2016
Источник: redhat
CVSS3: 7.8
CVSS2: 6.9
EPSS Низкий

Описание

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

A heap-based buffer overflow vulnerability was found in the Linux kernel's hiddev driver. This flaw could allow a local attacker to corrupt kernel memory, possible privilege escalation or crashing the system.

Отчет

This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2 and may be addressed in future updates. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelWill not fix
Red Hat Enterprise MRG 2realtime-kernelAffected
Red Hat Enterprise Linux 6kernelFixedRHSA-2016:200604.10.2016
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2016:258403.11.2016
Red Hat Enterprise Linux 7kernelFixedRHSA-2016:257403.11.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1350509kernel: Heap buffer overflow in hiddev driver

EPSS

Процентиль: 10%
0.00037
Низкий

7.8 High

CVSS3

6.9 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-5829

CVSS3: 7.8
ubuntu
почти 9 лет назад

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

nvd логотип

CVE-2016-5829

CVSS3: 7.8
nvd
почти 9 лет назад

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

debian логотип

CVE-2016-5829

CVSS3: 7.8
debian
почти 9 лет назад

Multiple heap-based buffer overflows in the hiddev_ioctl_usage functio ...

github логотип

GHSA-66jc-9397-h8vf

CVSS3: 7.8
github
около 3 лет назад

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

suse-cvrf логотип

SUSE-SU-2016:2175-1

suse-cvrf
почти 9 лет назад

Security update for Linux Kernel Live Patch 6 for SLE 12 SP1

EPSS

Процентиль: 10%
0.00037
Низкий

7.8 High

CVSS3

6.9 Medium

CVSS2

Уязвимость CVE-2016-5829