The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. (CVE-2016-0728)

Impact

None. F5 products are not affected by this vulnerability.

CPENameOperatorVersion
big-iq centralized managementeq4.6.0
big-ip afmeq11.3.0
big-ip afmeq11.4.0
big-ip afmeq11.4.1
big-ip afmeq11.5.0
big-ip afmeq11.5.1
big-ip afmeq11.5.10
big-ip afmeq11.5.2
big-ip afmeq11.5.3
big-ip afmeq11.5.4

Name	Operator	Version
big-iq centralized management	eq	4.6.0
big-ip afm	eq	11.3.0
big-ip afm	eq	11.4.0
big-ip afm	eq	11.4.1
big-ip afm	eq	11.5.0
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.10
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3
big-ip afm	eq	11.5.4

Rows per page:

1-10 of 3031

oraclelinux 4

redhat 4

nessus 30

suse 16

packetstorm 1

openvas 29

ubuntu 8

mageia 3

altlinux 1

prion 2

threatpost 3

ubuntucve 1

exploitpack 2

checkpoint_security 1

ibm 2

nvd 2

f5 1

centos 1

archlinux 2

cvelist 1

seebug 2

thn 1

symantec 1

debiancve 1

android 1

cisa 1

veracode 4

amazon 1

zdt 2

cve 2

chrome 1

exploitdb 2

hp 1

fedora 2

debian 2

osv 1

kitploit 1

androidsecurity 1

lenovo 1

oraclelinux

Unbreakable Enterprise kernel security update

2016-01-20 00:00:00

kernel-uek security update

2016-01-20 00:00:00

kernel security update

2016-01-25 00:00:00

redhat

(RHSA-2016:0065) Important: kernel-rt security update

2016-01-25 18:47:39

(RHSA-2016:0064) Important: kernel security update

2016-01-25 18:47:36

(RHSA-2016:0103) Important: kernel security, bug fix, and enhancement update

2016-02-02 16:05:39

nessus

Ubuntu 15.10 : linux vulnerability (USN-2872-1)

2016-01-20 00:00:00

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:0186-1)

2016-01-25 00:00:00

Ubuntu 15.10 : linux-raspi2 vulnerability (USN-2872-3)

2016-01-20 00:00:00

suse

Security update for Kernel live patch 10 (important)

2016-02-04 19:18:40

Security update for the Linux Kernel (important)

2016-01-22 18:12:30

Security update for the Linux Kernel (important)

2016-01-20 21:11:28

packetstorm

Linux Kernel REFCOUNT Overflow / Use-After-Free

2016-01-20 00:00:00

openvas

Ubuntu: Security Advisory (USN-2871-1)

2016-01-20 00:00:00

Ubuntu: Security Advisory (USN-2870-2)

2016-01-20 00:00:00

Mageia: Security Advisory (MGASA-2016-0032)

2016-01-25 00:00:00

ubuntu

Linux kernel (Raspberry Pi 2) vulnerability

2016-01-19 00:00:00

Linux kernel vulnerability

2016-01-19 00:00:00

Linux kernel (Wily HWE) vulnerability

2016-01-19 00:00:00

mageia

Updated kernel packages fix security vulnerability

2016-01-21 09:09:50

Updated kernel-tmb packages fix security vulnerability

2016-01-21 09:09:50

Updated kernel-linus packages fix security vulnerability

2016-01-21 09:09:50

altlinux

Security fix for the ALT Linux 7 package kernel-image-std-def version 1:3.14.58-alt0.M70P.2

2016-01-19 00:00:00

prion

Integer overflow

2016-02-08 03:59:00

Design/Logic Flaw

2016-02-01 23:59:00

threatpost

Android Devices Linux Zero Day Kernel Vulnerability

2016-01-21 11:45:56

Linux Kernel Privilege Escalation Flaw Patched

2016-01-19 07:47:18

Google Fixes Critical Mediaserver Bug, Again

2016-03-07 14:00:02

ubuntucve

CVE-2016-0728

2016-01-19 00:00:00

exploitpack

Linux Kernel 4.4.1 - REFCOUNT Overflow Use-After-Free in Keyrings Local Privilege Escalation (1)

2016-01-19 00:00:00

Linux Kernel 4.4.1 - REFCOUNT Overflow Use-After-Free in Keyrings Local Privilege Escalation (2)

2016-01-19 00:00:00

checkpoint_security

Check Point Response to CVE-2016-0728 kernel: Possible use-after-free vulnerability in keyring facility

2016-01-20 21:24:26

ibm

Security Bulletin: Vulnerability in Linux Kernel affects PowerKVM (CVE-2016-0728)

2018-06-18 01:30:28

Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM

2018-06-18 01:33:24

nvd

CVE-2016-0728

2016-02-08 03:59:10

CVE-2016-7028

2016-02-01 23:59:00

SOL01948202 - Linux kernel vulnerability CVE-2016-0728

2016-01-22 00:00:00

centos

kernel, perf, python security update

2016-01-26 02:08:06

archlinux

linux-lts: privilege escalation

2016-01-25 00:00:00

linux: privilege escalation

2016-01-20 00:00:00

cvelist

CVE-2016-0728

2016-02-08 02:00:00

seebug

Linux内核 Keyrings 引用计数溢出 UAF 漏洞

2016-05-20 00:00:00

ACTi E31 surveillance Cameras 弱密码漏洞

2016-01-28 00:00:00

thn

Zero-Day Flaw Found in 'Linux Kernel' leaves Millions Vulnerable

2016-01-19 06:30:00

symantec

SA112 : Linux Kernel Keyring Privilege Escalation

2016-02-25 08:00:00

debiancve

CVE-2016-0728

2016-02-08 03:59:10

android

CVE-2016-0728

2016-03-01 00:00:00

cisa

Linux Kernel Vulnerability

2016-01-19 00:00:00

veracode

Integer Overflow

2019-05-02 05:20:50

Denial Of Service (DoS)

2019-05-02 05:20:50

Improper Access Control

2019-05-02 05:20:50

amazon

Medium: kernel

2016-01-19 17:07:00

zdt

Linux Kernel 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Privilege Escalation (2)

2016-01-19 00:00:00

Linux Kernel 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Privilege Escalation (1)

2016-01-19 00:00:00

cve

CVE-2016-0728

2016-02-08 03:59:10

CVE-2016-7028

2022-10-03 16:16:28

chrome

Stable Channel Update for Chrome OS

2016-01-26 00:00:00

exploitdb

Linux Kernel 4.4.1 - REFCOUNT Overflow Use-After-Free in Keyrings Local Privilege Escalation (1)

2016-01-19 00:00:00

Linux Kernel 4.4.1 - REFCOUNT Overflow Use-After-Free in Keyrings Local Privilege Escalation (2)

2016-01-19 00:00:00

HPSBHF03436 rev.2 - HP Thin Client with ThinPro OS, running Linux, Local Elevated Privileges

2016-02-26 00:00:00

fedora

[SECURITY] Fedora 23 Update: kernel-4.3.3-303.fc23

2016-01-26 18:29:15

[SECURITY] Fedora 22 Update: kernel-4.3.4-200.fc22

2016-02-01 06:34:15

debian

[SECURITY] [DSA 3448-1] linux security update

2016-01-19 12:40:10

[SECURITY] [DSA 3448-1] linux security update

2016-01-19 12:40:10

osv

linux - security update

2016-01-19 00:00:00

kitploit

Kernelpop - Kernel Privilege Escalation Enumeration And Exploitation Framework

2017-11-04 13:30:00

androidsecurity

Nexus Security Bulletin - March 2016

2016-03-07 00:00:00

lenovo

AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US

2020-04-13 19:22:04

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for F5:K01948202