7
CVE-2016-6786
- EPSS 0.42%
- Veröffentlicht 28.12.2016 07:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle security@android.com
- CVE-Watchlists
- Unerledigt
kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 30955111.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 3.2.85
Linux ≫ Linux Kernel Version >= 3.3 < 3.16.40
Linux ≫ Linux Kernel Version >= 3.17 < 3.18.54
Linux ≫ Linux Kernel Version >= 3.19 < 4.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.331 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7 | 1 | 5.9 |
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.9 | 3.4 | 10 |
AV:L/AC:M/Au:N/C:C/I:C/A:C
|
http://www.debian.org/security/2017/dsa-3791
http://source.android.com/security/bulletin/2016-12-01.html
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f63a8daa5812afef4f06c962351687e1ff9ccb2b
http://www.securityfocus.com/bid/94679
https://bugzilla.redhat.com/show_bug.cgi?id=1403842
https://github.com/torvalds/linux/commit/f63a8daa5812afef4f06c962351687e1ff9ccb2b