Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-9604

Опубликовано: 18 апр. 2017
Источник: redhat
CVSS3: 4.4
CVSS2: 1.2
EPSS Низкий

Описание

It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.

It was discovered that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.

Отчет

This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in this product. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelAffected
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2017:207701.08.2017
Red Hat Enterprise Linux 7kernelFixedRHSA-2017:184201.08.2017
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2017:266906.09.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-732
https://bugzilla.redhat.com/show_bug.cgi?id=1389433kernel: security: The built-in keyrings for security tokens can be joined as a session and then modified by the root user

EPSS

Процентиль: 5%
0.00025
Низкий

4.4 Medium

CVSS3

1.2 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-9604

CVSS3: 4.4
ubuntu
почти 7 лет назад

It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.

nvd логотип

CVE-2016-9604

CVSS3: 4.4
nvd
почти 7 лет назад

It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.

debian логотип

CVE-2016-9604

CVSS3: 4.4
debian
почти 7 лет назад

It was discovered in the Linux kernel before 4.11-rc8 that root can ga ...

github логотип

GHSA-8qc8-27v8-7664

CVSS3: 4.4
github
около 3 лет назад

It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.

oracle-oval логотип

ELSA-2017-3607

oracle-oval
почти 8 лет назад

ELSA-2017-3607: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 5%
0.00025
Низкий

4.4 Medium

CVSS3

1.2 Low

CVSS2