CVE-2016-7910
kernel: Use after free in seq file
Public Exploits: 2
Exploited in Wild: -
Descriptions
Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.
A flaw was found in the Linux kernel's implementation of seq_file where a local attacker could manipulate memory in the put() function pointer. This could lead to memory corruption and possible privilege escalation.
Several security issues were fixed in the kernel. Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service (system crash). Andrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
SSVC
- Decision: -
Timeline
- 2016-09-09 CVE Reserved
- 2016-11-16 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2025-07-20 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-416: Use After Free
References (11)
URL | Tag |
---|---|
http://source.android.com/security/bulletin/2016-11-01.html | Third Party Advisory |
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.1 | Release Notes |
http://www.securityfocus.com/bid/94135 | Third Party Advisory |

URL | Date |
---|---|
https://access.redhat.com/errata/RHSA-2017:0892 | 2023-01-19 |
https://access.redhat.com/errata/RHSA-2017:1297 | 2023-01-19 |
https://access.redhat.com/errata/RHSA-2017:1298 | 2023-01-19 |
https://access.redhat.com/errata/RHSA-2017:1308 | 2023-01-19 |
https://access.redhat.com/security/cve/CVE-2016-7910 | 2017-05-25 |
https://bugzilla.redhat.com/show_bug.cgi?id=1399727 | 2017-05-25 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Linux | Linux Kernel | < 3.2.84 | - | Affected |
Linux | Linux Kernel | >= 3.3 < 3.10.103 | - | Affected |
Linux | Linux Kernel | >= 3.11 < 3.12.63 | - | Affected |
Linux | Linux Kernel | >= 3.13 < 3.14.76 | - | Affected |
Linux | Linux Kernel | >= 3.15 < 3.16.39 | - | Affected |
Linux | Linux Kernel | >= 3.17 < 3.18.40 | - | Affected |
Linux | Linux Kernel | >= 3.19 < 4.1.31 | - | Affected |
Linux | Linux Kernel | >= 4.2 < 4.4.18 | - | Affected |
Linux | Linux Kernel | >= 4.5 < 4.6.7 | - | Affected |
Linux | Linux Kernel | >= 4.7 < 4.7.1 | - | Affected |