Vulnerability-Lookup

CVE-2016-5412 (GCVE-0-2016-5412)

Vulnerability from cvelistv5 – Published: 2016-08-06 20:00 – Updated: 2024-08-06 01:00

Summary

arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

FKIE_CVE-2016-5412

Vulnerability from fkie_nvd - Published: 2016-08-06 20:59 - Updated: 2025-04-12 10:46

Severity ?

6.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Summary

References

URL	Tags
secalert@redhat.com	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3
secalert@redhat.com	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2016-2574.html
secalert@redhat.com	http://www.openwall.com/lists/oss-security/2016/07/28/2	Mailing List
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1349916	Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com	https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3
secalert@redhat.com	https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-2574.html
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2016/07/28/2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1349916	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245

Impacted products

	Vendor	Product	Version
	linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AF8F457-8A21-4907-BB5E-6193D0DAD885",
              "versionEndIncluding": "4.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction."
    },
    {
      "lang": "es",
      "value": "arch/powerpc/kvm/book3s_hv_rmhandlers.S en el kernel de Linux hasta la versi\u00f3n 4.7 en plataformas PowerPC, cuando se encuentra habilitada CONFIG_KVM_BOOK3S_64_HV, permite a usuarios invitados del SO provocar una denegaci\u00f3n de servicio (bucle infinito del SO anfitri\u00f3n) haciendo una hiperllamada H_CEDE durante la existencia de una transacci\u00f3n suspendida."
    }
  ],
  "id": "CVE-2016-5412",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.6,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 4.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-06T20:59:04.143",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/07/28/2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349916"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/07/28/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349916"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2016-5412

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-5412

Aliases

CVE-2016-5412

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-5412",
    "description": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.",
    "id": "GSD-2016-5412",
    "references": [
      "https://www.suse.com/security/cve/CVE-2016-5412.html",
      "https://access.redhat.com/errata/RHSA-2016:2574",
      "https://ubuntu.com/security/CVE-2016-5412",
      "https://linux.oracle.com/cve/CVE-2016-5412.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-5412"
      ],
      "details": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.",
      "id": "GSD-2016-5412",
      "modified": "2023-12-13T01:21:25.725329Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2016-5412",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
            "refsource": "MISC",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
          },
          {
            "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3",
            "refsource": "MISC",
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3"
          },
          {
            "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245",
            "refsource": "MISC",
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2016/07/28/2",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2016/07/28/2"
          },
          {
            "name": "https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3",
            "refsource": "MISC",
            "url": "https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3"
          },
          {
            "name": "https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245",
            "refsource": "MISC",
            "url": "https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1349916",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349916"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.7",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2016-5412"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160728 CVE-2016-5412 Kernel: powerpc: kvm: Infinite loop via H_CEDE hypercall when running under hypervisor-mode",
              "refsource": "MLIST",
              "tags": [
                "Mailing List"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/07/28/2"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1349916",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349916"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245"
            },
            {
              "name": "RHSA-2016:2574",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.1,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.0,
          "impactScore": 4.0
        }
      },
      "lastModifiedDate": "2023-02-12T23:24Z",
      "publishedDate": "2016-08-06T20:59Z"
    }
  }
}

CNVD-2016-05850

Vulnerability from cnvd - Published: 2016-08-02

Title

Linux kernel拒绝服务漏洞（CNVD-2016-05850）

Description

Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。 Linux kernel中存在拒绝服务漏洞。攻击者可利用该漏洞造成拒绝服务，拒绝服务合法用户。

Severity

中

Patch Name

Linux kernel拒绝服务漏洞（CNVD-2016-05850）的补丁

Patch Description

Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。 Linux kernel中存在拒绝服务漏洞。攻击者可利用该漏洞造成拒绝服务，拒绝服务合法用户。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页： https://www.kernel.org/

Reference

http://www.securityfocus.com/bid/92181

Impacted products

Name
Linux Kernel

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "92181"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-5412"
    }
  },
  "description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff0c\u62d2\u7edd\u670d\u52a1\u5408\u6cd5\u7528\u6237\u3002",
  "discovererName": "Prasad J Pandit",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.kernel.org/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-05850",
  "openTime": "2016-08-02",
  "patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff0c\u62d2\u7edd\u670d\u52a1\u5408\u6cd5\u7528\u6237\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Linux kernel\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-05850\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Linux Kernel"
  },
  "referenceLink": "http://www.securityfocus.com/bid/92181",
  "serverity": "\u4e2d",
  "submitTime": "2016-08-01",
  "title": "Linux kernel\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-05850\uff09"
}

GHSA-CCW5-JVC3-PRF4

Vulnerability from github – Published: 2022-05-14 03:56 – Updated: 2022-05-14 03:56

Details

Severity ?

6.5 (Medium)


                  
                    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-5412"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-08-06T20:59:00Z",
    "severity": "MODERATE"
  },
  "details": "arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.",
  "id": "GHSA-ccw5-jvc3-prf4",
  "modified": "2022-05-14T03:56:32Z",
  "published": "2022-05-14T03:56:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5412"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/93d17397e4e2182fdaad503e2f9da46202c0f1c3"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/f024ee098476a3e620232e4a78cfac505f121245"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2016:2574"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2016-5412"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349916"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93d17397e4e2182fdaad503e2f9da46202c0f1c3"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f024ee098476a3e620232e4a78cfac505f121245"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/07/28/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2016-AVI-315

Vulnerability from certfr_avis - Published: 2016-09-20 - Updated: 2016-09-20

De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 LTS
Ubuntu	Ubuntu	Ubuntu 16.04 LTS s'exécutant sur Raspberry Pi 2
Ubuntu	Ubuntu	Ubuntu 12.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 LTS
Ubuntu	Ubuntu	Ubuntu 16.04 LTS s'exécutant sur un processeur Qualcomm Snapdragon

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-5412 (GCVE-0-2016-5412)

FKIE_CVE-2016-5412

GSD-2016-5412

CNVD-2016-05850

GHSA-CCW5-JVC3-PRF4

CERTFR-2016-AVI-315

Solution

Tags

Sightings

Nomenclature