
exploitDog


CVE-2016-9576

Published: 25 Nov 2016
Source: redhat
CVSS3: 7
CVSS2: 6.2

Description

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.

It was found that the blk_rq_map_user_iov() function in the Linux kernel's block device implementation did not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging write access to a /dev/sg device.

Report

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code which can trigger the flaw is not present in the products listed. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.

Affected packages

| Platform | Package | State | Advisory | Release date |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | | |
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2017:0817 | 21.03.2017 |
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2017:2077 | 01.08.2017 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2017:1842 | 01.08.2017 |
| Red Hat Enterprise MRG 2 | kernel-rt | Fixed | RHSA-2017:2669 | 06.09.2017 |


Additional information

Status: Moderate
Defect: CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1403145 (kernel: Use after free in SCSI generic device interface)

CVSS3: 7 High
CVSS2: 6.2 Medium

Related vulnerabilities

CVSS3: 7.8
ubuntu
more than 8 years ago

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.

CVSS3: 7.8
nvd
more than 8 years ago

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.

CVSS3: 7.8
debian
more than 8 years ago

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kerne ...

suse-cvrf
more than 8 years ago

Security update for the openSUSE Leap 42.1 kernel.

suse-cvrf
more than 8 years ago

Security update for the Linux Kernel
