TROYANOSYVIRUS
Back to CVEs

CVE-2016-7117

CRITICAL
9.8

Description

Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

CVE Details

CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published10/10/2016
Last Modified4/12/2025
Sourcenvd
Honeypot Sightings0

Affected Products

canonical:ubuntu_linuxdebian:debian_linuxlinux:linux_kernel

Weaknesses (CWE)

CWE-19

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d(security@android.com)
http://rhn.redhat.com/errata/RHSA-2016-2962.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0031.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0036.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0065.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0086.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0091.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0113.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0196.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0215.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0216.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0217.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0270.html(security@android.com)
http://source.android.com/security/bulletin/2016-10-01.html(security@android.com)
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2(security@android.com)
http://www.securityfocus.com/bid/93304(security@android.com)
https://bugzilla.novell.com/show_bug.cgi?id=1003077(security@android.com)
https://bugzilla.redhat.com/show_bug.cgi?id=1382268(security@android.com)
https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d(security@android.com)
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html(security@android.com)
https://security-tracker.debian.org/tracker/CVE-2016-7117(security@android.com)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2016-2962.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0031.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0036.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0065.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0086.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0091.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0113.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0196.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0215.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0216.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0217.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0270.html(af854a3a-2127-422b-91ae-364da2661108)
http://source.android.com/security/bulletin/2016-10-01.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/93304(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.novell.com/show_bug.cgi?id=1003077(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1382268(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d(af854a3a-2127-422b-91ae-364da2661108)
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html(af854a3a-2127-422b-91ae-364da2661108)
https://security-tracker.debian.org/tracker/CVE-2016-7117(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.