7.4

CVE-2016-3699

Exploit

EPSS 0.04%
Veröffentlicht 07.10.2016 14:59:03
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version-

Redhat ≫ Enterprise Mrg Version2.0

Redhat ≫ Linux Version7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.082

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.4	1.4	5.9	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://rhn.redhat.com/errata/RHSA-2016-2574.html

http://rhn.redhat.com/errata/RHSA-2016-2584.html

http://www.openwall.com/lists/oss-security/2016/09/22/4

Third Party Advisory

http://www.securityfocus.com/bid/93114

Broken Link

https://bugzilla.redhat.com/show_bug.cgi?id=1329653

Patch

Third Party Advisory

VDB Entry

Issue Tracking

https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2016-3699

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-3699

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-3699

EUVD