[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-9576":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":102,"related":103,"reserved_at":9,"published_at":136,"modified_at":137,"state":138,"summary":139,"references_raw":148,"kevs":238,"epss":239,"epss_history":242,"metrics":512,"affected":523},"CVE-2016-9576","The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100],{"_key":25},"SUSE-SU-2016:3252-1",{"_key":27},"SUSE-SU-2017:0230-1",{"_key":29},"SUSE-SU-2017:0246-1",{"_key":31},"SUSE-SU-2017:0249-1",{"_key":33},"SUSE-SU-2016:3146-1",{"_key":35},"SUSE-SU-2016:3188-1",{"_key":37},"SUSE-SU-2016:3203-1",{"_key":39},"SUSE-SU-2016:3217-1",{"_key":41},"SUSE-SU-2016:3248-1",{"_key":43},"SUSE-SU-2017:0226-1",{"_key":45},"SUSE-SU-2017:0227-1",{"_key":47},"SUSE-SU-2017:0228-1",{"_key":49},"SUSE-SU-2017:0229-1",{"_key":51},"SUSE-SU-2017:0231-1",{"_key":53},"SUSE-SU-2017:0233-1",{"_key":55},"SUSE-SU-2017:0234-1",{"_key":57},"SUSE-SU-2017:0235-1",{"_key":59},"SUSE-SU-2017:0244-1",{"_key":61},"SUSE-SU-2017:0245-1",{"_key":63},"SUSE-SU-2017:0247-1",{"_key":65},"SUSE-SU-2017:0248-1",{"_key":67},"SUSE-SU-2017:0267-1",{"_key":69},"SUSE-SU-2017:0268-1",{"_key":71},"SUSE-SU-2017:0278-1",{"_key":73},"SUSE-SU-2017:0293-1",{"_key":75},"SUSE-SU-2017:0294-1",{"_key":77},"SUSE-SU-2017:0407-1",{"_key":79},"SUSE-SU-2017:1102-1",{"_key":81},"OPENSUSE-SU-2024:10128-1",{"_key":83},"DLA-772-1",{"_key":85},"MGASA-2016-0429",{"_key":87},"MGASA-2017-0003",{"_key":89},"MGASA-2017-0004",{"_key":91},"UBUNTU-CVE-2016-9576",{"_key":93},"DEBIAN-CVE-2016-9576",{"_key":95},"RHSA-2017:0817",{"_key":97},"RHSA-2017:1842",{"_key":99},"RHSA-2017:2077",{"_key":101},"RHSA-2017:2669",[],[104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":85},{"_key":87},{"_key":89},"2016-12-28T07:42:00.000Z","2024-08-06T02:59:01.667Z","Modified",{"cisa_kev":140,"cisa_ransomware":140,"cisa_vendor":9,"epss_severity":141,"epss_score":142,"severity":143,"severity_score":144,"severity_version":145,"severity_source":146,"severity_vector":147,"severity_status":138},false,"low",0.0005,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[149,158,162,168,172,176,181,185,189,193,197,201,205,210,215,220,224,228,234],{"url":150,"sources":151,"tags":153},"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00057.html",[152,146],"cve.org",[154,155,156,157],"Vendor Advisory","X Refsource SUSE","Mailing List","Third Party Advisory",{"url":159,"sources":160,"tags":161},"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00088.html",[152,146],[154,155,156,157],{"url":163,"sources":164,"tags":165},"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0",[152,146],[166,167,154],"X Refsource CONFIRM","Patch",{"url":169,"sources":170,"tags":171},"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00040.html",[152,146],[154,155,156,157],{"url":173,"sources":174,"tags":175},"https://github.com/torvalds/linux/commit/a0ac402cfcdc904f9772e1762b3fda112dcc56a0",[152,146],[166,167,154],{"url":177,"sources":178,"tags":179},"https://access.redhat.com/errata/RHSA-2017:2669",[152,146],[154,180,157],"X Refsource REDHAT",{"url":182,"sources":183,"tags":184},"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00072.html",[152,146],[154,155,156,157],{"url":186,"sources":187,"tags":188},"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00041.html",[152,146],[154,155,156,157],{"url":190,"sources":191,"tags":192},"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00062.html",[152,146],[154,155,156,157],{"url":194,"sources":195,"tags":196},"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00075.html",[152,146],[154,155,156,157],{"url":198,"sources":199,"tags":200},"http://rhn.redhat.com/errata/RHSA-2017-0817.html",[152,146],[154,180,157],{"url":202,"sources":203,"tags":204},"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00081.html",[152,146],[154,155,156,157],{"url":206,"sources":207,"tags":208},"https://bugzilla.redhat.com/show_bug.cgi?id=1403145",[152,146],[166,209,157],"Issue Tracking",{"url":211,"sources":212,"tags":213},"http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",[152,146],[166,214,154],"Release Notes",{"url":216,"sources":217,"tags":218},"http://www.openwall.com/lists/oss-security/2016/12/08/19",[152,146],[156,219,167,157],"X Refsource MLIST",{"url":221,"sources":222,"tags":223},"https://access.redhat.com/errata/RHSA-2017:2077",[152,146],[154,180,157],{"url":225,"sources":226,"tags":227},"https://access.redhat.com/errata/RHSA-2017:1842",[152,146],[154,180,157],{"url":229,"sources":230,"tags":231},"http://www.securityfocus.com/bid/94821",[152,146],[232,233,157],"VDB Entry","X Refsource BID",{"url":235,"sources":236,"tags":237},"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00091.html",[152,146],[154,155,156,157],[],{"date":240,"score":142,"percentile":241},"2026-06-03",0.15785,[243,247,250,253,256,259,262,265,268,271,273,276,279,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,327,330,333,336,339,342,345,348,351,354,357,360,363,366,369,372,374,377,380,383,386,389,392,395,398,401,403,406,409,412,415,418,421,424,427,430,433,436,439,442,445,448,451,454,457,460,463,466,469,473,476,479,482,485,488,491,494,497,500,503,506,509],{"date":244,"score":245,"percentile":246},"2025-11-04",0.00067,0.20944,{"date":248,"score":245,"percentile":249},"2025-11-05",0.20945,{"date":251,"score":245,"percentile":252},"2025-11-06",0.20947,{"date":254,"score":245,"percentile":255},"2025-11-07",0.20954,{"date":257,"score":245,"percentile":258},"2025-11-08",0.20961,{"date":260,"score":245,"percentile":261},"2025-11-09",0.20925,{"date":263,"score":245,"percentile":264},"2025-11-10",0.20867,{"date":266,"score":245,"percentile":267},"2025-11-11",0.2089,{"date":269,"score":245,"percentile":270},"2025-11-12",0.20941,{"date":272,"score":245,"percentile":255},"2025-11-13",{"date":274,"score":245,"percentile":275},"2025-11-14",0.20942,{"date":277,"score":245,"percentile":278},"2025-11-15",0.20915,{"date":280,"score":245,"percentile":281},"2025-11-16",0.2087,{"date":283,"score":245,"percentile":284},"2025-11-17",0.20835,{"date":286,"score":245,"percentile":287},"2025-11-18",0.16521,{"date":289,"score":245,"percentile":290},"2025-11-19",0.16533,{"date":292,"score":245,"percentile":293},"2025-11-20",0.16506,{"date":295,"score":245,"percentile":296},"2025-11-21",0.208,{"date":298,"score":245,"percentile":299},"2025-11-22",0.20794,{"date":301,"score":245,"percentile":302},"2025-11-23",0.2076,{"date":304,"score":245,"percentile":305},"2025-11-24",0.20734,{"date":307,"score":245,"percentile":308},"2025-11-25",0.20722,{"date":310,"score":245,"percentile":311},"2025-11-26",0.20711,{"date":313,"score":245,"percentile":314},"2025-11-27",0.20672,{"date":316,"score":245,"percentile":317},"2025-11-28",0.20656,{"date":319,"score":245,"percentile":320},"2025-11-29",0.20647,{"date":322,"score":245,"percentile":323},"2025-11-30",0.20645,{"date":325,"score":245,"percentile":326},"2025-12-01",0.20687,{"date":328,"score":245,"percentile":329},"2025-12-02",0.20706,{"date":331,"score":245,"percentile":332},"2025-12-03",0.20719,{"date":334,"score":245,"percentile":335},"2025-12-04",0.20674,{"date":337,"score":245,"percentile":338},"2025-12-05",0.20718,{"date":340,"score":245,"percentile":341},"2025-12-06",0.20723,{"date":343,"score":245,"percentile":344},"2025-12-07",0.20703,{"date":346,"score":245,"percentile":347},"2025-12-08",0.20721,{"date":349,"score":245,"percentile":350},"2025-12-09",0.20781,{"date":352,"score":245,"percentile":353},"2025-12-10",0.20852,{"date":355,"score":245,"percentile":356},"2025-12-11",0.20889,{"date":358,"score":245,"percentile":359},"2025-12-12",0.20902,{"date":361,"score":245,"percentile":362},"2025-12-13",0.20905,{"date":364,"score":245,"percentile":365},"2025-12-14",0.20871,{"date":367,"score":245,"percentile":368},"2025-12-15",0.20848,{"date":370,"score":245,"percentile":371},"2025-12-16",0.20876,{"date":373,"score":245,"percentile":255},"2025-12-17",{"date":375,"score":245,"percentile":376},"2025-12-18",0.21039,{"date":378,"score":245,"percentile":379},"2025-12-19",0.21056,{"date":381,"score":245,"percentile":382},"2025-12-20",0.21038,{"date":384,"score":245,"percentile":385},"2025-12-21",0.20983,{"date":387,"score":245,"percentile":388},"2025-12-22",0.20952,{"date":390,"score":245,"percentile":391},"2025-12-23",0.20948,{"date":393,"score":245,"percentile":394},"2025-12-24",0.20974,{"date":396,"score":245,"percentile":397},"2025-12-25",0.21059,{"date":399,"score":245,"percentile":400},"2025-12-26",0.21054,{"date":402,"score":245,"percentile":397},"2025-12-27",{"date":404,"score":245,"percentile":405},"2025-12-28",0.21016,{"date":407,"score":245,"percentile":408},"2025-12-29",0.20979,{"date":410,"score":245,"percentile":411},"2025-12-30",0.20959,{"date":413,"score":245,"percentile":414},"2025-12-31",0.21021,{"date":416,"score":245,"percentile":417},"2026-01-01",0.21111,{"date":419,"score":245,"percentile":420},"2026-01-02",0.21113,{"date":422,"score":245,"percentile":423},"2026-01-03",0.21099,{"date":425,"score":245,"percentile":426},"2026-01-04",0.21005,{"date":428,"score":245,"percentile":429},"2026-01-05",0.20996,{"date":431,"score":245,"percentile":432},"2026-01-06",0.21007,{"date":434,"score":245,"percentile":435},"2026-01-07",0.21043,{"date":437,"score":245,"percentile":438},"2026-01-08",0.21094,{"date":440,"score":245,"percentile":441},"2026-01-09",0.21088,{"date":443,"score":245,"percentile":444},"2026-01-10",0.2107,{"date":446,"score":245,"percentile":447},"2026-01-11",0.21041,{"date":449,"score":245,"percentile":450},"2026-01-12",0.21006,{"date":452,"score":245,"percentile":453},"2026-01-13",0.20984,{"date":455,"score":245,"percentile":456},"2026-01-14",0.21044,{"date":458,"score":245,"percentile":459},"2026-01-15",0.21048,{"date":461,"score":245,"percentile":462},"2026-01-16",0.21076,{"date":464,"score":245,"percentile":465},"2026-01-17",0.21084,{"date":467,"score":245,"percentile":468},"2026-01-18",0.21036,{"date":470,"score":471,"percentile":472},"2026-01-19",0.00064,0.20082,{"date":474,"score":471,"percentile":475},"2026-01-20",0.20064,{"date":477,"score":471,"percentile":478},"2026-01-21",0.20027,{"date":480,"score":471,"percentile":481},"2026-01-22",0.19972,{"date":483,"score":471,"percentile":484},"2026-01-23",0.20068,{"date":486,"score":471,"percentile":487},"2026-01-24",0.20095,{"date":489,"score":471,"percentile":490},"2026-01-25",0.20021,{"date":492,"score":471,"percentile":493},"2026-01-26",0.19916,{"date":495,"score":471,"percentile":496},"2026-01-27",0.19908,{"date":498,"score":471,"percentile":499},"2026-01-28",0.19909,{"date":501,"score":471,"percentile":502},"2026-01-29",0.19871,{"date":504,"score":471,"percentile":505},"2026-01-30",0.1988,{"date":507,"score":471,"percentile":508},"2026-01-31",0.19886,{"date":510,"score":471,"percentile":511},"2026-02-01",0.19913,[513],{"source":146,"cvss_v2_0":514,"cvss_v3_0":9,"cvss_v3_1":519,"cvss_v4_0":9},{"baseScore":515,"baseSeverity":9,"vectorString":516,"impactScore":517,"exploitabilityScore":518},7.2,"AV:L/AC:L/Au:N/C:C/I:C/A:C",10,3.9,{"baseScore":144,"baseSeverity":520,"vectorString":147,"impactScore":521,"exploitabilityScore":522},"HIGH",9.8,4.6,[524],{"ecosystem":9,"name":525,"vendor":526,"product":527,"cpe_part":528,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":529},"linux kernel","linux","linux_kernel","o",[530,538],{"version":531,"is_range":532,"range_type":533,"version_start":534,"version_start_type":535,"version_end":536,"version_end_type":537,"fixed_in":9},"gte4.0_lt4.4.38",true,"cpe","4.0","including","4.4.38","excluding",{"version":539,"is_range":532,"range_type":533,"version_start":540,"version_start_type":535,"version_end":541,"version_end_type":537,"fixed_in":9},"gte4.5_lt4.8.14","4.5","4.8.14"]