CVE-2016-0723
Advisory lineage Upstream: 0 Downstream: 16
Modified
Published: 08 Feb 2016, 02:00
Last modified:05 Aug 2024, 22:30
Vulnerability Summary
Overall Risk (default)
medium
27/100 CVSS Score
6.8 MEDIUM
v3.0 (nvd)
EPSS Score
0.03% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
08 Feb 2016, 02:00
Published
Vulnerability first disclosed
05 Aug 2024, 22:30
Last Modified
Vulnerability information updated
Description
Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call.
CVSS Metrics
- v3.0•MEDIUM•Score: 6.8CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
- v2.0•MEDIUM•Score: 5.6AV:L/AC:L/Au:N/C:P/I:N/A:C
EPSS Trends
Current EPSS score: 0.03%• Percentile: 8%
Techniques & Countermeasures
- CWE-200•Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
- CWE-362•Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
Affected Systems
- linux•linux_kernel
≤ 4.4.1
References (29)
- https://security-tracker.debian.org/tracker/CVE-2016-0723
- http://www.ubuntu.com/usn/USN-2930-1
- http://www.ubuntu.com/usn/USN-2967-1
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1296253
- http://www.ubuntu.com/usn/USN-2930-2
- http://www.debian.org/security/2016/dsa-3503
- http://www.ubuntu.com/usn/USN-2967-2
- http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c17c861a357e9458001f021a7afa7aab9937439
- http://www.ubuntu.com/usn/USN-2930-3
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html
- http://source.android.com/security/bulletin/2016-07-01.html
- http://www.ubuntu.com/usn/USN-2929-1
- http://www.ubuntu.com/usn/USN-2932-1
- http://www.securityfocus.com/bid/82950
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- http://www.securitytracker.com/id/1035695
- http://www.ubuntu.com/usn/USN-2948-1
- http://www.debian.org/security/2016/dsa-3448
- http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html
- http://www.ubuntu.com/usn/USN-2929-2
- https://github.com/torvalds/linux/commit/5c17c861a357e9458001f021a7afa7aab9937439
- http://www.ubuntu.com/usn/USN-2948-2
- http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html
- https://support.f5.com/csp/article/K43650115