Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-7913

Опубликовано: 28 янв. 2016
Источник: redhat
CVSS3: 7.8
CVSS2: 9.3
EPSS Низкий

Описание

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.

Отчет

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 as the code with the flaw is not present in the products listed. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG-2. Future Linux kernel updates for the respective releases might address this issue.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2018:067610.04.2018
Red Hat Enterprise Linux 7kernelFixedRHSA-2018:106210.04.2018
Red Hat Enterprise Linux 7.4 Extended Update SupportkernelFixedRHSA-2019:117014.05.2019
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2019:119014.05.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1402885kernel: media: use-after-free in [tuner-xc2028] media driver

EPSS

Процентиль: 76%
0.01025
Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-7913

CVSS3: 7.8
ubuntu
больше 8 лет назад

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.

nvd логотип

CVE-2016-7913

CVSS3: 7.8
nvd
больше 8 лет назад

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.

debian логотип

CVE-2016-7913

CVSS3: 7.8
debian
больше 8 лет назад

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c ...

github логотип

GHSA-m9j8-542r-7w94

CVSS3: 7.8
github
около 3 лет назад

The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.

oracle-oval логотип

ELSA-2020-5912

oracle-oval
больше 4 лет назад

ELSA-2020-5912: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 76%
0.01025
Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2