[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-6828":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":43,"duplicate_of":9,"upstream":44,"downstream":45,"duplicates":92,"related":93,"reserved_at":9,"published_at":104,"modified_at":105,"state":106,"summary":107,"references_raw":115,"kevs":177,"epss":178,"epss_history":181,"metrics":443,"affected":454},"CVE-2016-6828","The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[21,30],{"_key":22,"name":23,"source":24,"url":25,"maturity":26,"reliability_score":27,"verified":28,"type":9,"platforms":29,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_2024F7F0F0532206","Exploit Reference (openwall.com)","reference","http://www.openwall.com/lists/oss-security/2016/08/15/1","unknown",0.2,false,[],{"_key":31,"name":32,"source":33,"url":34,"maturity":35,"reliability_score":36,"verified":28,"type":37,"platforms":38,"requires_auth":9,"exploitdb":40,"metasploit":9},"40731","Linux Kernel - TCP Related Read Use-After-Free","exploit-database","https://www.exploit-db.com/exploits/40731","poc",0.5,"dos",[39],"linux",{"verified":28,"type":37,"platform":39,"file":41,"codes":42},"exploits/linux/dos/40731.c",[7],[],[],[46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90],{"_key":47},"RHSA-2017:0036",{"_key":49},"RHSA-2017:0086",{"_key":51},"RHSA-2017:0091",{"_key":53},"SUSE-SU-2016:2912-1",{"_key":55},"SUSE-SU-2016:2976-1",{"_key":57},"SUSE-SU-2016:3069-1",{"_key":59},"SUSE-SU-2016:3304-1",{"_key":61},"SUSE-SU-2017:0333-1",{"_key":63},"SUSE-SU-2017:0471-1",{"_key":65},"SUSE-SU-2017:0494-1",{"_key":67},"USN-3099-2",{"_key":69},"USN-3099-3",{"_key":71},"USN-3099-4",{"_key":73},"OPENSUSE-SU-2024:10128-1",{"_key":75},"DLA-609-1",{"_key":77},"DSA-3659-1",{"_key":79},"MGASA-2016-0347",{"_key":81},"MGASA-2016-0364",{"_key":83},"UBUNTU-CVE-2016-6828",{"_key":85},"USN-3098-1",{"_key":87},"USN-3099-1",{"_key":89},"DEBIAN-CVE-2016-6828",{"_key":91},"RHSA-2017:0113",[],[94,95,96,97,98,99,100,101,102,103],{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":73},{"_key":79},{"_key":81},"2016-10-16T21:00:00.000Z","2024-08-06T01:43:37.815Z","Modified",{"cisa_kev":28,"cisa_ransomware":28,"cisa_vendor":9,"epss_severity":108,"epss_score":109,"severity":110,"severity_score":111,"severity_version":112,"severity_source":113,"severity_vector":114,"severity_status":106},"low",0.00096,"medium",5.5,"v3.0","nvd","CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[116,124,130,134,138,145,151,155,159,164,168,173],{"url":117,"sources":118,"tags":120},"https://github.com/torvalds/linux/commit/bb1fceca22492109be12640d49f5ea5a544c6bb4",[119,113],"cve.org",[121,122,123],"X Refsource CONFIRM","Issue Tracking","Patch",{"url":125,"sources":126,"tags":127},"http://rhn.redhat.com/errata/RHSA-2017-0086.html",[119,113],[128,129],"Vendor Advisory","X Refsource REDHAT",{"url":131,"sources":132,"tags":133},"http://rhn.redhat.com/errata/RHSA-2017-0113.html",[119,113],[128,129],{"url":135,"sources":136,"tags":137},"http://rhn.redhat.com/errata/RHSA-2017-0091.html",[119,113],[128,129],{"url":25,"sources":139,"tags":140},[119,113],[141,142,143,144],"Mailing List","X Refsource MLIST","Exploit","Third Party Advisory",{"url":146,"sources":147,"tags":148},"http://www.securityfocus.com/bid/92452",[119,113],[149,150],"VDB Entry","X Refsource BID",{"url":152,"sources":153,"tags":154},"https://source.android.com/security/bulletin/2016-11-01.html",[119,113],[121],{"url":156,"sources":157,"tags":158},"http://rhn.redhat.com/errata/RHSA-2017-0036.html",[119,113],[128,129],{"url":160,"sources":161,"tags":162},"https://marcograss.github.io/security/linux/2016/08/18/cve-2016-6828-linux-kernel-tcp-uaf.html",[119,113],[163],"X Refsource MISC",{"url":165,"sources":166,"tags":167},"https://bugzilla.redhat.com/show_bug.cgi?id=1367091",[119,113],[121,122,144],{"url":169,"sources":170,"tags":171},"http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.5",[119,113],[121,172,144],"Release Notes",{"url":174,"sources":175,"tags":176},"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bb1fceca22492109be12640d49f5ea5a544c6bb4",[119,113],[121,122,123],[],{"date":179,"score":109,"percentile":180},"2026-06-03",0.2654,[182,186,189,192,195,198,201,204,207,210,212,215,218,221,224,227,230,233,236,239,242,245,248,251,254,257,260,263,266,269,272,275,278,281,284,287,290,293,296,299,302,305,308,311,313,316,319,322,325,328,331,333,336,338,341,344,347,350,353,356,359,361,363,366,369,371,374,377,380,383,386,389,392,395,398,400,403,405,408,410,413,416,419,422,425,428,431,434,437,440],{"date":183,"score":184,"percentile":185},"2025-11-04",0.00098,0.278,{"date":187,"score":184,"percentile":188},"2025-11-05",0.27776,{"date":190,"score":184,"percentile":191},"2025-11-06",0.27788,{"date":193,"score":184,"percentile":194},"2025-11-07",0.27778,{"date":196,"score":184,"percentile":197},"2025-11-08",0.27774,{"date":199,"score":184,"percentile":200},"2025-11-09",0.27732,{"date":202,"score":184,"percentile":203},"2025-11-10",0.27702,{"date":205,"score":184,"percentile":206},"2025-11-11",0.27724,{"date":208,"score":184,"percentile":209},"2025-11-12",0.27767,{"date":211,"score":184,"percentile":197},"2025-11-13",{"date":213,"score":184,"percentile":214},"2025-11-14",0.27758,{"date":216,"score":184,"percentile":217},"2025-11-15",0.27747,{"date":219,"score":184,"percentile":220},"2025-11-16",0.27709,{"date":222,"score":184,"percentile":223},"2025-11-17",0.27678,{"date":225,"score":184,"percentile":226},"2025-11-18",0.23213,{"date":228,"score":184,"percentile":229},"2025-11-19",0.23225,{"date":231,"score":184,"percentile":232},"2025-11-20",0.23228,{"date":234,"score":184,"percentile":235},"2025-11-21",0.27683,{"date":237,"score":184,"percentile":238},"2025-11-22",0.27688,{"date":240,"score":184,"percentile":241},"2025-11-23",0.27652,{"date":243,"score":184,"percentile":244},"2025-11-24",0.27621,{"date":246,"score":184,"percentile":247},"2025-11-25",0.27613,{"date":249,"score":184,"percentile":250},"2025-11-26",0.27605,{"date":252,"score":184,"percentile":253},"2025-11-27",0.27614,{"date":255,"score":184,"percentile":256},"2025-11-28",0.27584,{"date":258,"score":184,"percentile":259},"2025-11-29",0.27569,{"date":261,"score":184,"percentile":262},"2025-11-30",0.27545,{"date":264,"score":184,"percentile":265},"2025-12-01",0.27603,{"date":267,"score":184,"percentile":268},"2025-12-02",0.27626,{"date":270,"score":184,"percentile":271},"2025-12-03",0.27634,{"date":273,"score":184,"percentile":274},"2025-12-04",0.27566,{"date":276,"score":184,"percentile":277},"2025-12-05",0.27599,{"date":279,"score":184,"percentile":280},"2025-12-06",0.27597,{"date":282,"score":184,"percentile":283},"2025-12-07",0.27564,{"date":285,"score":184,"percentile":286},"2025-12-08",0.27577,{"date":288,"score":184,"percentile":289},"2025-12-09",0.27636,{"date":291,"score":184,"percentile":292},"2025-12-10",0.2771,{"date":294,"score":184,"percentile":295},"2025-12-11",0.27737,{"date":297,"score":184,"percentile":298},"2025-12-12",0.27752,{"date":300,"score":184,"percentile":301},"2025-12-13",0.27749,{"date":303,"score":184,"percentile":304},"2025-12-14",0.27718,{"date":306,"score":184,"percentile":307},"2025-12-15",0.27685,{"date":309,"score":184,"percentile":310},"2025-12-16",0.27699,{"date":312,"score":184,"percentile":214},"2025-12-17",{"date":314,"score":184,"percentile":315},"2025-12-18",0.2781,{"date":317,"score":184,"percentile":318},"2025-12-19",0.27823,{"date":320,"score":184,"percentile":321},"2025-12-20",0.27787,{"date":323,"score":184,"percentile":324},"2025-12-21",0.27741,{"date":326,"score":184,"percentile":327},"2025-12-22",0.27706,{"date":329,"score":184,"percentile":330},"2025-12-23",0.27676,{"date":332,"score":184,"percentile":235},"2025-12-24",{"date":334,"score":184,"percentile":335},"2025-12-25",0.27759,{"date":337,"score":184,"percentile":298},"2025-12-26",{"date":339,"score":184,"percentile":340},"2025-12-27",0.27751,{"date":342,"score":184,"percentile":343},"2025-12-28",0.27674,{"date":345,"score":184,"percentile":346},"2025-12-29",0.27645,{"date":348,"score":184,"percentile":349},"2025-12-30",0.27642,{"date":351,"score":184,"percentile":352},"2025-12-31",0.27708,{"date":354,"score":184,"percentile":355},"2026-01-01",0.27821,{"date":357,"score":184,"percentile":358},"2026-01-02",0.27822,{"date":360,"score":184,"percentile":185},"2026-01-03",{"date":362,"score":184,"percentile":238},"2026-01-04",{"date":364,"score":184,"percentile":365},"2026-01-05",0.27679,{"date":367,"score":184,"percentile":368},"2026-01-06",0.27691,{"date":370,"score":184,"percentile":304},"2026-01-07",{"date":372,"score":184,"percentile":373},"2026-01-08",0.2776,{"date":375,"score":184,"percentile":376},"2026-01-09",0.2775,{"date":378,"score":184,"percentile":379},"2026-01-10",0.2773,{"date":381,"score":184,"percentile":382},"2026-01-11",0.27714,{"date":384,"score":184,"percentile":385},"2026-01-12",0.27667,{"date":387,"score":184,"percentile":388},"2026-01-13",0.27644,{"date":390,"score":184,"percentile":391},"2026-01-14",0.27687,{"date":393,"score":184,"percentile":394},"2026-01-15",0.27684,{"date":396,"score":184,"percentile":397},"2026-01-16",0.27717,{"date":399,"score":184,"percentile":206},"2026-01-17",{"date":401,"score":184,"percentile":402},"2026-01-18",0.2767,{"date":404,"score":184,"percentile":289},"2026-01-19",{"date":406,"score":184,"percentile":407},"2026-01-20",0.27623,{"date":409,"score":184,"percentile":274},"2026-01-21",{"date":411,"score":184,"percentile":412},"2026-01-22",0.27539,{"date":414,"score":184,"percentile":415},"2026-01-23",0.27611,{"date":417,"score":184,"percentile":418},"2026-01-24",0.27602,{"date":420,"score":184,"percentile":421},"2026-01-25",0.27525,{"date":423,"score":184,"percentile":424},"2026-01-26",0.27436,{"date":426,"score":184,"percentile":427},"2026-01-27",0.27416,{"date":429,"score":184,"percentile":430},"2026-01-28",0.27404,{"date":432,"score":184,"percentile":433},"2026-01-29",0.27357,{"date":435,"score":184,"percentile":436},"2026-01-30",0.27351,{"date":438,"score":184,"percentile":439},"2026-01-31",0.27355,{"date":441,"score":184,"percentile":442},"2026-02-01",0.27415,[444],{"source":113,"cvss_v2_0":445,"cvss_v3_0":450,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":446,"baseSeverity":9,"vectorString":447,"impactScore":448,"exploitabilityScore":449},4.9,"AV:L/AC:L/Au:N/C:N/I:N/A:C",6.9,3.9,{"baseScore":111,"baseSeverity":451,"vectorString":114,"impactScore":452,"exploitabilityScore":453},"MEDIUM",6,4.6,[455],{"ecosystem":9,"name":456,"vendor":39,"product":457,"cpe_part":458,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":459},"linux kernel","linux_kernel","o",[460],{"version":461,"is_range":462,"range_type":463,"version_start":9,"version_start_type":9,"version_end":464,"version_end_type":465,"fixed_in":9},"lte4.7.4",true,"cpe","4.7.4","including"]