5.5

CVE-2016-2383

The adjust_branches function in kernel/bpf/verifier.c in the Linux kernel before 4.5 does not consider the delta in the backward-jump case, which allows local users to obtain sensitive information from kernel memory by creating a packet filter and then loading crafted BPF instructions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 4.5.0
LinuxLinux Kernel Version4.5.0 Updaterc1
LinuxLinux Kernel Version4.5.0 Updaterc2
LinuxLinux Kernel Version4.5.0 Updaterc3
CanonicalUbuntu Linux Version14.04 SwEditionesm
CanonicalUbuntu Linux Version15.10
OpensuseLeap Version42.1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.37% 0.29
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html
Third Party Advisory
http://www.ubuntu.com/usn/USN-2947-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-2947-2
Third Party Advisory
http://www.ubuntu.com/usn/USN-2947-3
Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a1b14d27ed0965838350f1377ff97c93ee383492
Patch
Vendor Advisory
http://www.openwall.com/lists/oss-security/2016/02/14/1
Third Party Advisory
Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=1308452
Third Party Advisory
Issue Tracking
https://github.com/torvalds/linux/commit/a1b14d27ed0965838350f1377ff97c93ee383492
Patch
Third Party Advisory