Vulnerability Description
The key_reject_and_link() function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a data structure it later uses is initialized. A local user can reach the uninitialized use and crash the kernel (denial of service) through a crafted keyctl request2 command, that is, request_key(2) with callout information and a destination keyring, which is the path that ends in a negatively instantiated key being linked into a keyring.
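The following is an added example and is not code from the page or from the kernel tree. It is a constructed user-space model of the defect shape the description points at: a pointer that is assigned only when a "link begin" step succeeds but is consumed by a "link end" step that is gated on a different condition (whether a destination keyring was supplied at all). The assumption that this is the shape of the bug is mine; every identifier (link_begin, link_end, struct keyring, STACK_GARBAGE, the outcome enum) is a simplified stand-in, not a kernel symbol. The vulnerable and fixed shapes are shown side by side, and a sentinel value stands in for whatever an uninitialised stack slot would hold so the model runs deterministically instead of invoking undefined behaviour.

```c
/*
 * Constructed model of the CVE-2016-4470 bug shape (added example, not kernel code).
 * A pointer "edit" is set only when link_begin() succeeds, but the vulnerable
 * variant calls link_end() on it whenever a keyring was supplied.
 */
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct assoc_array_edit { int prepared; };  /* stand-in for the kernel's edit script */
struct key { bool negative; };              /* stand-in for struct key */
struct keyring {
    bool begin_fails;   /* make the link-begin step fail (e.g. allocation or quota error) */
    int links;          /* links committed by the link-end step */
};

/* Sentinel standing in for whatever garbage an uninitialised stack slot held. */
#define STACK_GARBAGE ((struct assoc_array_edit *)(uintptr_t)0xDEADBEEFu)

enum outcome { OUTCOME_LINKED = 0, OUTCOME_NOT_LINKED, OUTCOME_BAD_EDIT_DEREF };

/* Model of the link-begin step: prepares an edit script or fails, leaving *edit untouched. */
static int link_begin(struct keyring *kr, struct assoc_array_edit *storage,
                      struct assoc_array_edit **edit)
{
    if (kr->begin_fails)
        return -ENOMEM;             /* *edit deliberately not written on failure */
    storage->prepared = 1;
    *edit = storage;
    return 0;
}

/* Model of the link-end step: the real one dereferences edit to apply or cancel it. */
static enum outcome link_end(struct keyring *kr, struct assoc_array_edit *edit)
{
    if (edit == STACK_GARBAGE)
        return OUTCOME_BAD_EDIT_DEREF;  /* in the kernel this is the crash */
    if (edit && edit->prepared) {
        kr->links++;
        edit->prepared = 0;
    }
    return OUTCOME_LINKED;
}

/* Vulnerable shape: link_end runs whenever keyring != NULL, even if link_begin failed. */
static enum outcome reject_and_link_vulnerable(struct key *key, struct keyring *keyring)
{
    struct assoc_array_edit storage;
    struct assoc_array_edit *edit = STACK_GARBAGE;  /* models a declaration with no initialiser */
    int link_ret = 0;

    if (keyring)
        link_ret = link_begin(keyring, &storage, &edit);

    key->negative = true;                           /* key is negatively instantiated */

    if (keyring)                                    /* BUG: ignores link_ret */
        return link_end(keyring, edit);
    return OUTCOME_NOT_LINKED;
}

/* Fixed shape: link_end is gated on link_begin having succeeded, and edit starts as NULL. */
static enum outcome reject_and_link_fixed(struct key *key, struct keyring *keyring)
{
    struct assoc_array_edit storage;
    struct assoc_array_edit *edit = NULL;           /* never holds stack garbage */
    int link_ret = 0;

    if (keyring)
        link_ret = link_begin(keyring, &storage, &edit);

    key->negative = true;

    if (keyring && link_ret == 0)                   /* only end a link that was begun */
        return link_end(keyring, edit);
    return OUTCOME_NOT_LINKED;
}

/* Run one variant under controlled inputs and report what happened. */
struct result { enum outcome out; int links; };

static struct result run(bool fixed, bool have_keyring, bool begin_fails)
{
    struct key key = { .negative = false };
    struct keyring kr = { .begin_fails = begin_fails, .links = 0 };
    struct keyring *target = have_keyring ? &kr : NULL;
    struct result r;
    r.out = fixed ? reject_and_link_fixed(&key, target)
                  : reject_and_link_vulnerable(&key, target);
    r.links = kr.links;
    return r;
}

int main(void)
{
    static const char *names[] = { "linked", "not linked", "dereferenced garbage edit" };
    printf("begin fails, vulnerable: %s\n", names[run(false, true, true).out]);
    printf("begin fails, fixed:      %s\n", names[run(true, true, true).out]);
    printf("begin ok,    vulnerable: %s\n", names[run(false, true, false).out]);
    printf("begin ok,    fixed:      %s\n", names[run(true, true, false).out]);
    return 0;
}
```

The gate on link_ret is what removes the bad path; initialising the pointer to NULL is a second, defensive layer that turns any remaining mismatch into a deterministic null dereference rather than a read of leftover stack contents. When reviewing code of this kind, the pattern to search for is a pointer declared without an initialiser, assigned inside one conditional and consumed under a different one.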
CVSS Score
5.5 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | VM Server | 3.3 |
| Oracle | Linux | 5.0 |
| Linux | Linux Kernel | <= 4.6.3 |
| Novell | SUSE Linux Enterprise Real Time Extension | 12.0 |
| Red Hat | Enterprise Linux | 6.0 |
| Red Hat | Enterprise Linux Desktop | 7.0 |
| Red Hat | Enterprise Linux for Real Time | 7.0 |
| Red Hat | Enterprise Linux HPC Node | 7.0 |
| Red Hat | Enterprise Linux HPC Node EUS | 7.0 |
| Red Hat | Enterprise Linux Server | 7.0 |
| Red Hat | Enterprise Linux Server AUS | 7.2 |
| Red Hat | Enterprise Linux Server EUS | 7.2 |
| Red Hat | Enterprise Linux Workstation | 7.0 |
| Red Hat | Enterprise MRG | 2.0 |
References
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=383274 (Vendor Advisory: upstream fix commit)
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html (Third Party Advisory)
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html
FAQ
What is CVE-2016-4470?
CVE-2016-4470 is a vulnerability with a CVSS score of 5.5 (MEDIUM). The key_reject_and_link() function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a data structure it later uses is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.
How severe is CVE-2016-4470?
CVE-2016-4470 has been rated MEDIUM with a CVSS base score of 5.5/10. Only the base score is recorded on this page; the score reflects a locally triggered denial of service (a kernel crash by a local user) with no confidentiality or integrity impact described.
Is there a patch for CVE-2016-4470?
Yes. The upstream kernel fix is the first entry in the references section, and the openSUSE security announcements listed there cover the corresponding distribution kernel updates. Affected products include Oracle VM Server, Oracle Linux, the Linux kernel itself, Novell SUSE Linux Enterprise Real Time Extension and Red Hat Enterprise Linux. Note that distribution kernels backport fixes without changing the upstream version number, so comparing uname -r against 4.6.3 does not tell you whether a vendor kernel is patched; consult the vendor advisory or changelog for the installed kernel package instead.