7.4

CVE-2016-3699

Exploit

EPSS 0.04%
Published 07.10.2016 14:59:03
Last modified 12.04.2025 10:46:40
Source secalert@redhat.com
Teams watchlist Login
Open Login

The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.

Affected products Warnungen 0 Metrics 3 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version-

Redhat ≫ Enterprise Mrg Version2.0

Redhat ≫ Linux Version7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.04%	0.082

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.4	1.4	5.9	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://rhn.redhat.com/errata/RHSA-2016-2574.html

http://rhn.redhat.com/errata/RHSA-2016-2584.html

http://www.openwall.com/lists/oss-security/2016/09/22/4

Third Party Advisory

http://www.securityfocus.com/bid/93114

Broken Link

https://bugzilla.redhat.com/show_bug.cgi?id=1329653

Patch

Third Party Advisory

VDB Entry

Issue Tracking

https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2016-3699

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-3699

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-3699

EUVD