CVE-2016-1237

Опубликовано: 29 июн. 2016

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.9

CVSS3: 5.5

Описание

nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c.

Релиз	Статус	Примечание
devel	not-affected	4.8.0-22.24
esm-infra-legacy/trusty	not-affected
esm-infra/xenial	released	4.4.0-36.55
precise	not-affected
trusty	not-affected
trusty/esm	not-affected
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	released	3.19.0-66.74
wily	ignored	end of life

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	not-affected
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-1002.2
esm-infra/xenial	not-affected	4.4.0-1001.10
precise	DNE
trusty	not-affected	4.4.0-1002.2
trusty/esm	not-affected	4.4.0-1002.2
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected	4.4.0-1001.10

Показывать по

Релиз	Статус	Примечание
devel	not-affected
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	4.7~rc5
vivid/stable-phone-overlay	not-affected
vivid/ubuntu-core	DNE
wily	not-affected

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected	4.4.0-1003.3
yakkety	DNE

Показывать по

Релиз	Статус	Примечание
devel	not-affected
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	not-affected

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected	4.8.0-36.36~16.04.1

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected	4.8.0-36.36~16.04.1

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	not-affected
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [3.19.0-66.74~14.04.1]]
precise	DNE
trusty	released	3.19.0-66.74~14.04.1
trusty/esm	DNE	trusty was released [3.19.0-66.74~14.04.1]
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	released	4.4.0-36.55~14.04.1
precise	DNE
trusty	released	4.4.0-36.55~14.04.1
trusty/esm	released	4.4.0-36.55~14.04.1
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	not-affected
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	4.7~rc5
vivid/stable-phone-overlay	not-affected
vivid/ubuntu-core	DNE
wily	not-affected

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored]
precise	DNE
trusty	ignored
trusty/esm	DNE	trusty was ignored
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	not-affected
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	ignored	end of life
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Релиз	Статус	Примечание
devel	not-affected	4.8.0-1013.15
esm-infra-legacy/trusty	DNE
precise	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	ignored	end of life, was needed
wily	ignored	end of life
xenial	released	4.4.0-1021.27

Показывать по

Релиз	Статус	Примечание
devel	not-affected	4.4.0-1029.32
esm-infra-legacy/trusty	DNE
precise	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	released	4.4.0-1024.27

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
precise	not-affected
trusty	DNE
trusty/esm	DNE
upstream	released	4.7~rc5
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	DNE
xenial	DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 3%

0.00015

Низкий

4.9 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2016-1237

CVSS3: 7.8

redhat

больше 9 лет назад

nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c.

CVE-2016-1237

CVSS3: 5.5

nvd

больше 9 лет назад

nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c.

CVE-2016-1237

CVSS3: 5.5

debian

больше 9 лет назад

nfsd in the Linux kernel through 4.6.3 allows local users to bypass in ...

GHSA-r3gq-m2h3-69wv

CVSS3: 5.5

github

больше 3 лет назад

nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, and nfs4acl.c.

openSUSE-SU-2016:2290-1

suse-cvrf

больше 9 лет назад

Security update for the Linux Kernel

EPSS

Процентиль: 3%

0.00015

Низкий

4.9 Medium

CVSS2

5.5 Medium

CVSS3

CVE-2016-1237

Описание

Пакет linux

Пакет linux-armadaxp

Пакет linux-aws

Пакет linux-flo

Пакет linux-gke

Пакет linux-goldfish

Пакет linux-grouper

Пакет linux-hwe

Пакет linux-hwe-edge

Пакет linux-linaro-omap

Пакет linux-linaro-shared

Пакет linux-linaro-vexpress

Пакет linux-lts-quantal

Пакет linux-lts-raring

Пакет linux-lts-saucy

Пакет linux-lts-trusty

Пакет linux-lts-utopic

Пакет linux-lts-vivid

Пакет linux-lts-wily

Пакет linux-lts-xenial

Пакет linux-maguro

Пакет linux-mako

Пакет linux-manta

Пакет linux-qcm-msm

Пакет linux-raspi2

Пакет linux-snapdragon

Пакет linux-ti-omap4

Ссылки на источники

Связанные уязвимости