Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by changing a certain header, aka a "double fetch" vulnerability.
http://www.debian.org/security/2016/dsa-3616
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.1
http://www.securityfocus.com/archive/1/538802/30/0/threaded
http://www.ubuntu.com/usn/USN-3070-1
http://www.ubuntu.com/usn/USN-3070-2
http://www.ubuntu.com/usn/USN-3070-3
http://www.ubuntu.com/usn/USN-3070-4
http://www.ubuntu.com/usn/USN-3071-1
http://www.ubuntu.com/usn/USN-3071-2
https://bugzilla.kernel.org/show_bug.cgi?id=116651
https://github.com/torvalds/linux/commit/9bf292bfca94694a721449e3fd752493856710f6
Source: MITRE
Published: 2016-06-27
Updated: 2016-11-28
Type: CWE-119
Base Score: 5.4
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:C
Impact Score: 7.8
Exploitability Score: 3.4
Severity: MEDIUM
Base Score: 6.3
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
Impact Score: 5.2
Exploitability Score: 1
Severity: MEDIUM
OR
OR
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 4.6 (inclusive)
ID | Name | Product | Family | Severity |
---|---|---|---|---|
124829 | EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1506) | Nessus | Huawei Local Security Checks | critical |
93243 | Ubuntu 14.04 LTS : linux-lts-xenial vulnerabilities (USN-3070-4) | Nessus | Ubuntu Local Security Checks | high |
93242 | Ubuntu 16.04 LTS : linux-snapdragon vulnerabilities (USN-3070-3) | Nessus | Ubuntu Local Security Checks | high |
93241 | Ubuntu 16.04 LTS : linux-raspi2 vulnerabilities (USN-3070-2) | Nessus | Ubuntu Local Security Checks | high |
93219 | Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-3071-2) | Nessus | Ubuntu Local Security Checks | high |
93218 | Ubuntu 14.04 LTS : linux vulnerabilities (USN-3071-1) | Nessus | Ubuntu Local Security Checks | high |
93217 | Ubuntu 16.04 LTS : linux vulnerabilities (USN-3070-1) | Nessus | Ubuntu Local Security Checks | high |
92256 | Fedora 23 : kernel (2016-73a733f4d9) | Nessus | Fedora Local Security Checks | high |
92232 | Fedora 24 : kernel (2016-1c409313f4) | Nessus | Fedora Local Security Checks | high |
91927 | Debian DSA-3616-1 : linux - security update | Nessus | Debian Local Security Checks | high |