CVE-2016-4558

CVSS v3.1 7 (High)

CVSS v2.0 6.9 (Medium)

EPSS 0.06 % (27^th)

Affected Products 2

Advisories 7

The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than 32 Gb of memory, related to the program reference count or (2) a 1 Tb system, related to the map reference count.

Weaknesses

CWE-NVD-Other

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2016-05-23 10:59:04
(8 years ago)
Updated Date: 2023-06-07 12:45:02
(15 months ago)

Affected Products

Canonical

Ubuntu Linux

Linux

Linux Kernel

Configuration #1

		CPE23	From	Up To
	Linux Kernel from 4.4 version and prior 4.4.11 version	cpe:2.3:o:linux:linux_kernel	>= 4.4	< 4.4.11
	Linux Kernel from 4.5 version and prior 4.5.5 version	cpe:2.3:o:linux:linux_kernel	>= 4.5	< 4.5.5

Configuration #2

		CPE23	From	Up To
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts