Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-6197

Опубликовано: 11 июл. 2016
Источник: redhat
CVSS3: 5.5
CVSS2: 4.7
EPSS Низкий

Описание

fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.

It was found that the unlink and rename functionality in overlayfs did not verify the upper dentry for staleness. A local, unprivileged user could use the rename syscall on overlayfs on top of xfs to panic or crash the system.

Отчет

This issue is not present in the Linux kernel packages as shipped with Red Hat Enterprise Linux versions 5 and 6. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases may address this issue.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise MRG 2realtime-kernelAffected
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2016:187515.09.2016
Red Hat Enterprise Linux 7kernelFixedRHSA-2016:184715.09.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-362
https://bugzilla.redhat.com/show_bug.cgi?id=1355650kernel: overlayfs: missing upper dentry verification before unlink and rename

EPSS

Процентиль: 10%
0.00036
Низкий

5.5 Medium

CVSS3

4.7 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-6197

CVSS3: 5.5
ubuntu
почти 9 лет назад

fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.

nvd логотип

CVE-2016-6197

CVSS3: 5.5
nvd
почти 9 лет назад

fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.

debian логотип

CVE-2016-6197

CVSS3: 5.5
debian
почти 9 лет назад

fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the L ...

github логотип

GHSA-p6f5-7r7f-h77r

CVSS3: 5.5
github
около 3 лет назад

fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.

oracle-oval логотип

ELSA-2016-3587

oracle-oval
почти 9 лет назад

ELSA-2016-3587: kernel-uek security update (IMPORTANT)

EPSS

Процентиль: 10%
0.00036
Низкий

5.5 Medium

CVSS3

4.7 Medium

CVSS2