Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-9685

Опубликовано: 01 дек. 2016
Источник: redhat
CVSS3: 3.8
CVSS2: 2.1
EPSS Низкий

Описание

Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.

A flaw was found in the Linux kernel's implementation of XFS file attributes. Two memory leaks were detected in xfs_attr_shortform_list and xfs_attr3_leaf_list_int when running a docker container backed by xfs/overlay2. A dedicated attacker could possible exhaust all memory and create a denial of service situation.

Отчет

This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6 and 7. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelWill not fix
Red Hat Enterprise Linux 6kernelWill not fix
Red Hat Enterprise MRG 2realtime-kernelWill not fix
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2017:207701.08.2017
Red Hat Enterprise Linux 7kernelFixedRHSA-2017:184201.08.2017
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2017:266906.09.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-772
https://bugzilla.redhat.com/show_bug.cgi?id=1396941kernel: Memory leaks in xfs_attr_list.c error paths

EPSS

Процентиль: 8%
0.00034
Низкий

3.8 Low

CVSS3

2.1 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-9685

CVSS3: 5.5
ubuntu
больше 8 лет назад

Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.

nvd логотип

CVE-2016-9685

CVSS3: 5.5
nvd
больше 8 лет назад

Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.

debian логотип

CVE-2016-9685

CVSS3: 5.5
debian
больше 8 лет назад

Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the ...

github логотип

GHSA-jv5p-77w2-8fqr

CVSS3: 5.5
github
около 3 лет назад

Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.

oracle-oval логотип

ELSA-2017-3607

oracle-oval
почти 8 лет назад

ELSA-2017-3607: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 8%
0.00034
Низкий

3.8 Low

CVSS3

2.1 Low

CVSS2