CVE-2016-5828

Description

The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call.

CVSS Metrics

• v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
• v2.0•HIGH•Score: 7.2AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 0.09%• Percentile: 25%

Techniques & Countermeasures

• CWE-20•Improper Input Validation

  The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Affected Systems

• canonical•ubuntu_linux

  12.04 | 14.04 | 16.04

• debian•debian_linux

  8.0

• linux•linux_kernel

  ≥ 3.9, < 3.10.103 | ≥ 3.11, < 3.14.74 | ≥ 3.15, < 3.16.37 | ≥ 3.17, < 3.18.37 | ≥ 3.19, < 4.1.28 | ≥ 4.2, < 4.4.16 | ≥ 4.6, < 4.6.5

• novell•suse_linux_enterprise_real_time_extension

  12:sp1

References (14)

• http://www.ubuntu.com/usn/USN-3070-1
• http://www.openwall.com/lists/oss-security/2016/06/25/7
• http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html
• https://patchwork.ozlabs.org/patch/636776/
• http://rhn.redhat.com/errata/RHSA-2016-2574.html
• http://www.ubuntu.com/usn/USN-3070-3
• http://www.ubuntu.com/usn/USN-3070-2
• http://www.ubuntu.com/usn/USN-3071-1
• http://www.debian.org/security/2016/dsa-3616
• http://www.ubuntu.com/usn/USN-3070-4
• http://www.securityfocus.com/bid/91415
• http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html
• http://www.ubuntu.com/usn/USN-3071-2
• http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html