7.4

CVE-2016-3699

Exploit
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version-
RedhatEnterprise Mrg Version2.0
RedhatLinux Version7.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.5% 0.391
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.4 1.4 5.9
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 6.9 3.4 10
AV:L/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://rhn.redhat.com/errata/RHSA-2016-2574.html
http://rhn.redhat.com/errata/RHSA-2016-2584.html
http://www.openwall.com/lists/oss-security/2016/09/22/4
Third Party Advisory
http://www.securityfocus.com/bid/93114
Broken Link
https://bugzilla.redhat.com/show_bug.cgi?id=1329653
Patch
Third Party Advisory
VDB Entry
Issue Tracking
https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76
Exploit