CVE-2016-3699
kernel: ACPI table override allowed when securelevel is enabled
Severity Score
7.4
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.
El kernel de Linux, tal como se utiliza en Red Hat Enterprise Linux 7.2 y Red Hat Enterprise MRG 2 y cuando se arranca con UEFI Secure Boot habilitado, permite a usuarios locales eludir las restricciones destinadas a Secure Boot y ejecutar código no confiable añadiendo tablas ACPI para el initrd.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-03-30 CVE Reserved
- 2016-10-07 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
- CWE-358: Improperly Implemented Security Check for Standard
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
http://www.openwall.com/lists/oss-security/2016/09/22/4 | Mailing List | |
http://www.securityfocus.com/bid/93114 | Broken Link |
URL | Date | SRC |
---|---|---|
https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76 | 2024-08-06 |
URL | Date | SRC |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1329653 | 2016-11-03 |
URL | Date | SRC |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2016-2574.html | 2023-02-13 | |
http://rhn.redhat.com/errata/RHSA-2016-2584.html | 2023-02-13 | |
https://access.redhat.com/security/cve/CVE-2016-3699 | 2016-11-03 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Enterprise Mrg Search vendor "Redhat" for product "Enterprise Mrg" | 2.0 Search vendor "Redhat" for product "Enterprise Mrg" and version "2.0" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 7.2 Search vendor "Redhat" for product "Linux" and version "7.2" | - |
Affected
|