CVE-2016-3699
kernel: ACPI table override allowed when securelevel is enabled
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.
El kernel de Linux, tal como se utiliza en Red Hat Enterprise Linux 7.2 y Red Hat Enterprise MRG 2 y cuando se arranca con UEFI Secure Boot habilitado, permite a usuarios locales eludir las restricciones destinadas a Secure Boot y ejecutar código no confiable añadiendo tablas ACPI para el initrd.
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-03-30 CVE Reserved
- 2016-10-07 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
- CWE-358: Improperly Implemented Security Check for Standard
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/09/22/4 | Mailing List |
|
| http://www.securityfocus.com/bid/93114 | Broken Link |
| URL | Date | SRC |
|---|---|---|
| https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76 | 2024-08-06 |
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1329653 | 2016-11-03 |
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2016-2574.html | 2023-02-13 | |
| http://rhn.redhat.com/errata/RHSA-2016-2584.html | 2023-02-13 | |
| https://access.redhat.com/security/cve/CVE-2016-3699 | 2016-11-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Mrg Search vendor "Redhat" for product "Enterprise Mrg" | 2.0 Search vendor "Redhat" for product "Enterprise Mrg" and version "2.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Linux Search vendor "Redhat" for product "Linux" | 7.2 Search vendor "Redhat" for product "Linux" and version "7.2" | - |
Affected
| ||||||