1. Home
  2. Vulnerabilities
  3. CVE-2016-4470

CVE-2016-4470

CVSS v3.0 5.5 (Medium)
55% Progress
CVSS v2.0 4.9 (Medium)
49% Progress
EPSS 0.05 % (18th)
0.05% Progress
Affected Products 14
Advisories 45
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

Weaknesses
CWE-NVD-Other
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2016-06-27 10:59:08
(8 years ago)
Updated Date
2023-02-12 23:21:21
(19 months ago)

Affected Products

Linux

Novell

Oracle

Redhat

Configuration #1

    CPE23 From Up To
  Oracle Vm Server 3.3 cpe:2.3:o:oracle:vm_server:3.3
  Oracle Vm Server 3.4 cpe:2.3:o:oracle:vm_server:3.4

Configuration #2

    CPE23 From Up To
  Oracle Linux 5.0 cpe:2.3:o:oracle:linux:5.0
  Oracle Linux 6 cpe:2.3:o:oracle:linux:6
  Oracle Linux 7 cpe:2.3:o:oracle:linux:7

Configuration #3

    CPE23 From Up To
  Linux Kernel 4.6.3 and prior versions cpe:2.3:o:linux:linux_kernel <= 4.6.3

Configuration #4

    CPE23 From Up To
  Novell Suse Linux Enterprise Real Time Extension 12.0 SP1 cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1

Configuration #5

    CPE23 From Up To
  Redhat Enterprise Linux 6.0 cpe:2.3:o:redhat:enterprise_linux:6.0
  Redhat Enterprise Linux Desktop 7.0 cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  Redhat Enterprise Linux for Real Time 7.0 cpe:2.3:o:redhat:enterprise_linux_for_real_time:7.0
  Redhat Enterprise Linux Hpc Node 7.0 cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0
  Redhat Enterprise Linux Hpc Node Eus 7.0 cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.0
  Redhat Enterprise Linux Server 7.0 cpe:2.3:o:redhat:enterprise_linux_server:7.0
  Redhat Enterprise Linux Server Aus 7.2 cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2
  Redhat Enterprise Linux Server Eus 7.2 cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2
  Redhat Enterprise Linux Workstation 7.0 cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
  Redhat Enterprise Mrg 2.0 cpe:2.3:o:redhat:enterprise_mrg:2.0