Lucene search

K

PRIOn knowledge basePRION:CVE-2016-6136

HistoryAug 06, 2016 - 8:59 p.m.

Race condition

2016-08-0620:59:00

PRIOn knowledge base

www.prio-n.com

6

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

Race condition in the audit_log_single_execve_arg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a “double fetch” vulnerability.

CPENameOperatorVersion
linux_kernelle4.7

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=43761473c254b45883a64441dd0bc85a42f3645c

rhn.redhat.com/errata/RHSA-2016-2574.html

rhn.redhat.com/errata/RHSA-2016-2584.html

rhn.redhat.com/errata/RHSA-2017-0307.html

www.securityfocus.com/archive/1/538835/30/0/threaded

www.securityfocus.com/bid/91558

bugzilla.kernel.org/show_bug.cgi?id=120681

bugzilla.redhat.com/show_bug.cgi?id=1353533

github.com/linux-audit/audit-kernel/issues/18

github.com/torvalds/linux/commit/43761473c254b45883a64441dd0bc85a42f3645c

source.android.com/security/bulletin/2016-11-01.html

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

Related for PRION:CVE-2016-6136

redhatcve1 veracode1 debiancve1 nessus34 nvd1 cvelist1 cve1 f51 ubuntucve1 openvas18 fedora2 centos2 redhat3 ubuntu8 oraclelinux6 debian3 osv2 virtuozzo2 photon1 ibm4 androidsecurity1