Vulnerability-Lookup

CVE-2016-6197 (GCVE-0-2016-6197)

Vulnerability from cvelistv5 – Published: 2016-08-06 20:00 – Updated: 2024-08-06 01:22

Summary

fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3070-1	vendor-advisoryx_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1355650	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torva…	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-1847.html	vendor-advisoryx_refsource_REDHAT
	http://www.securityfocus.com/bid/91709	vdb-entryx_refsource_BID
	http://rhn.redhat.com/errata/RHSA-2016-1875.html	vendor-advisoryx_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3070-3	vendor-advisoryx_refsource_UBUNTU
	http://www.securitytracker.com/id/1036273	vdb-entryx_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-3070-2	vendor-advisoryx_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/11f37104…	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/07/11/8	mailing-listx_refsource_MLIST
	http://www.ubuntu.com/usn/USN-3070-4	vendor-advisoryx_refsource_UBUNTU

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:22:20.648Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "name": "USN-3070-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3070-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1355650"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "name": "RHSA-2016:1847",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
          },
          {
            "name": "91709",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91709"
          },
          {
            "name": "RHSA-2016:1875",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
          },
          {
            "name": "USN-3070-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3070-3"
          },
          {
            "name": "1036273",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036273"
          },
          {
            "name": "USN-3070-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3070-2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185"
          },
          {
            "name": "[oss-security] 20160711 Re: cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel - Linux kernel",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2016/07/11/8"
          },
          {
            "name": "USN-3070-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3070-4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
        },
        {
          "name": "USN-3070-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3070-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1355650"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
        },
        {
          "name": "RHSA-2016:1847",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
        },
        {
          "name": "91709",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91709"
        },
        {
          "name": "RHSA-2016:1875",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
        },
        {
          "name": "USN-3070-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3070-3"
        },
        {
          "name": "1036273",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036273"
        },
        {
          "name": "USN-3070-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3070-2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185"
        },
        {
          "name": "[oss-security] 20160711 Re: cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel - Linux kernel",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2016/07/11/8"
        },
        {
          "name": "USN-3070-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3070-4"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-6197",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
            },
            {
              "name": "USN-3070-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3070-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1355650",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1355650"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
            },
            {
              "name": "RHSA-2016:1847",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
            },
            {
              "name": "91709",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91709"
            },
            {
              "name": "RHSA-2016:1875",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
            },
            {
              "name": "USN-3070-3",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3070-3"
            },
            {
              "name": "1036273",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036273"
            },
            {
              "name": "USN-3070-2",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3070-2"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185"
            },
            {
              "name": "[oss-security] 20160711 Re: cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel - Linux kernel",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2016/07/11/8"
            },
            {
              "name": "USN-3070-4",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3070-4"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-6197",
    "datePublished": "2016-08-06T20:00:00.000Z",
    "dateReserved": "2016-07-11T00:00:00.000Z",
    "dateUpdated": "2024-08-06T01:22:20.648Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-P6F5-7R7F-H77R

Vulnerability from github – Published: 2022-05-13 01:29 – Updated: 2022-05-13 01:29

Details

Severity ?

5.5 (Medium)


                  
                    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-6197"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-08-06T20:59:00Z",
    "severity": "MODERATE"
  },
  "details": "fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.",
  "id": "GHSA-p6f5-7r7f-h77r",
  "modified": "2022-05-13T01:29:42Z",
  "published": "2022-05-13T01:29:42Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6197"
    },
    {
      "type": "WEB",
      "url": "https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1355650"
    },
    {
      "type": "WEB",
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/07/11/8"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/91709"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036273"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-3070-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-3070-2"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-3070-3"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-3070-4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2016-6197

Vulnerability from fkie_nvd - Published: 2016-08-06 20:59 - Updated: 2025-04-12 10:46

Severity ?

5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
cve@mitre.org	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185	Issue Tracking, Patch
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2016-1847.html
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2016-1875.html
cve@mitre.org	http://www.openwall.com/lists/oss-security/2016/07/11/8	Mailing List, Third Party Advisory
cve@mitre.org	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	Third Party Advisory
cve@mitre.org	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/91709
cve@mitre.org	http://www.securitytracker.com/id/1036273
cve@mitre.org	http://www.ubuntu.com/usn/USN-3070-1
cve@mitre.org	http://www.ubuntu.com/usn/USN-3070-2
cve@mitre.org	http://www.ubuntu.com/usn/USN-3070-3
cve@mitre.org	http://www.ubuntu.com/usn/USN-3070-4
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=1355650	Issue Tracking
cve@mitre.org	https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-1847.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-1875.html
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2016/07/11/8	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/91709
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036273
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-3070-1
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-3070-2
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-3070-3
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-3070-4
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1355650	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185	Issue Tracking, Patch

Impacted products

Vendor	Product	Version
oracle	linux	6
linux	linux_kernel	*
oracle	vm_server	3.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC7A498A-A669-4C42-8134-86103C799D13",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02606D90-EB6B-45DE-B022-6E5783BD64FA",
              "versionEndIncluding": "4.5.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BA58099-26F7-4B01-B9FC-275F012FE9C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink."
    },
    {
      "lang": "es",
      "value": "fs/overlayfs/dir.c en la implementaci\u00f3n del sistema de archivos OverlayFS en el kernel de Linux en versiones anteriores a 4.6 no verifica adecuadamente la dentry superior antes de proceder con el procesamiento de desconexi\u00f3n y cambio de nombre de llamadas al sistema, lo que permite a usuarios locales provocar una denegaci\u00f3n del servicio (ca\u00edda de sistema) a trav\u00e9s de una llamada al sistema cambiada de nombre que especifica un self-hardlink."
    }
  ],
  "id": "CVE-2016-6197",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 4.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-06T20:59:12.067",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/07/11/8"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/91709"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1036273"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-3070-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-3070-2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-3070-3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-3070-4"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1355650"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2016/07/11/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/91709"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036273"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-3070-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-3070-2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-3070-3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-3070-4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1355650"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2016-6197

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-6197

Aliases

CVE-2016-6197

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-6197",
    "description": "fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.",
    "id": "GSD-2016-6197",
    "references": [
      "https://www.suse.com/security/cve/CVE-2016-6197.html",
      "https://access.redhat.com/errata/RHSA-2016:1875",
      "https://access.redhat.com/errata/RHSA-2016:1847",
      "https://ubuntu.com/security/CVE-2016-6197",
      "https://linux.oracle.com/cve/CVE-2016-6197.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-6197"
      ],
      "details": "fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.",
      "id": "GSD-2016-6197",
      "modified": "2023-12-13T01:21:23.590669Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2016-6197",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "name": "USN-3070-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-3070-1"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1355650",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1355650"
          },
          {
            "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185",
            "refsource": "CONFIRM",
            "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "name": "RHSA-2016:1847",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
          },
          {
            "name": "91709",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/91709"
          },
          {
            "name": "RHSA-2016:1875",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
          },
          {
            "name": "USN-3070-3",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-3070-3"
          },
          {
            "name": "1036273",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1036273"
          },
          {
            "name": "USN-3070-2",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-3070-2"
          },
          {
            "name": "https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185",
            "refsource": "CONFIRM",
            "url": "https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185"
          },
          {
            "name": "[oss-security] 20160711 Re: cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel - Linux kernel",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2016/07/11/8"
          },
          {
            "name": "USN-3070-4",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-3070-4"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.5.7",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-6197"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch"
              ],
              "url": "https://github.com/torvalds/linux/commit/11f3710417d026ea2f4fcf362d866342c5274185"
            },
            {
              "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch"
              ],
              "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=11f3710417d026ea2f4fcf362d866342c5274185"
            },
            {
              "name": "[oss-security] 20160711 Re: cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel - Linux kernel",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/07/11/8"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1355650",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1355650"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
            },
            {
              "name": "USN-3070-2",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-3070-2"
            },
            {
              "name": "91709",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/91709"
            },
            {
              "name": "USN-3070-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-3070-1"
            },
            {
              "name": "USN-3070-3",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-3070-3"
            },
            {
              "name": "USN-3070-4",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-3070-4"
            },
            {
              "name": "1036273",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1036273"
            },
            {
              "name": "RHSA-2016:1875",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1875.html"
            },
            {
              "name": "RHSA-2016:1847",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1847.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 4.9,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-12-27T16:08Z",
      "publishedDate": "2016-08-06T20:59Z"
    }
  }
}

CERTFR-2016-AVI-289

Vulnerability from certfr_avis - Published: 2016-08-30 - Updated: 2016-08-30

De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 LTS
Ubuntu	Ubuntu	Ubuntu 12.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 LTS

References

Title

Publication Time

CNVD-2016-04984

Vulnerability from cnvd - Published: 2016-07-20

Title

Linux kernel拒绝服务漏洞（CNVD-2016-04984）

Description

Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。 Linux kernel中存在拒绝服务漏洞，攻击者可利用该漏洞造成拒绝服务。

Severity

中

Patch Name

Linux kernel拒绝服务漏洞（CNVD-2016-04984）的补丁

Patch Description

Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。 Linux kernel中存在拒绝服务漏洞，攻击者可利用该漏洞造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，详情请关注厂商主页： https://www.kernel.org/

Reference

http://www.securityfocus.com/bid/91709

Impacted products

Name
Linux Kernel

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "91709"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-6197"
    }
  },
  "description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "CAI Qian",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.kernel.org/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-04984",
  "openTime": "2016-07-20",
  "patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Linux kernel\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-04984\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Linux Kernel"
  },
  "referenceLink": "http://www.securityfocus.com/bid/91709",
  "serverity": "\u4e2d",
  "submitTime": "2016-07-15",
  "title": "Linux kernel\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2016-04984\uff09"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-6197 (GCVE-0-2016-6197)

GHSA-P6F5-7R7F-H77R

FKIE_CVE-2016-6197

GSD-2016-6197

CERTFR-2016-AVI-289

Solution

CNVD-2016-04984

Tags

Sightings

Nomenclature