← Retour aux CVEs
CVE-2016-7117
CRITICAL9.8
Description
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.
Details CVE
Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie10/10/2016
Derniere modification4/12/2025
Sourcenvd
Observations honeypot0
Produits affectes
canonical:ubuntu_linuxdebian:debian_linuxlinux:linux_kernel
Faiblesses (CWE)
CWE-19
References
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d(security@android.com)
http://rhn.redhat.com/errata/RHSA-2016-2962.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0031.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0036.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0065.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0086.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0091.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0113.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0196.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0215.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0216.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0217.html(security@android.com)
http://rhn.redhat.com/errata/RHSA-2017-0270.html(security@android.com)
http://source.android.com/security/bulletin/2016-10-01.html(security@android.com)
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2(security@android.com)
http://www.securityfocus.com/bid/93304(security@android.com)
https://bugzilla.novell.com/show_bug.cgi?id=1003077(security@android.com)
https://bugzilla.redhat.com/show_bug.cgi?id=1382268(security@android.com)
https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d(security@android.com)
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html(security@android.com)
https://security-tracker.debian.org/tracker/CVE-2016-7117(security@android.com)
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2016-2962.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0031.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0036.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0065.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0086.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0091.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0113.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0196.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0215.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0216.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0217.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2017-0270.html(af854a3a-2127-422b-91ae-364da2661108)
http://source.android.com/security/bulletin/2016-10-01.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/93304(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.novell.com/show_bug.cgi?id=1003077(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1382268(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d(af854a3a-2127-422b-91ae-364da2661108)
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html(af854a3a-2127-422b-91ae-364da2661108)
https://security-tracker.debian.org/tracker/CVE-2016-7117(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.