CVE-2016-4470

Published on: 06/27/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:26:59 PM UTC

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Certain versions of Linux Kernel from Linux contain the following vulnerability:

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

  • CVE-2016-4470 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 5.5 - MEDIUM

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS2 Score: 4.9 - MEDIUM

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

CVE References

Each entry gives the reference source and identifier, the linked page title, any NVD tags, and the host the link points to.

  • SUSE SUSE-SU-2016:2001: "[security-announce] SUSE-SU-2016:2001-1: important: Security update for" (lists.opensuse.org)
  • SUSE SUSE-SU-2016:2009: "[security-announce] SUSE-SU-2016:2009-1: important: Security update for" (lists.opensuse.org)
  • REDHAT RHSA-2016:2006: "Red Hat Customer Portal" (web.archive.org; inactive link, not archived)
  • SUSE SUSE-SU-2016:1961: "[security-announce] SUSE-SU-2016:1961-1: important: Security update for" (lists.opensuse.org)
  • UBUNTU USN-3050-1: "USN-3050-1: Linux kernel (OMAP4) vulnerabilities | Ubuntu" (www.ubuntu.com)
  • SUSE SUSE-SU-2016:1937: "[security-announce] SUSE-SU-2016:1937-1: important: Security update for" [Third Party Advisory] (lists.opensuse.org)
  • SUSE SUSE-SU-2016:2010: "[security-announce] SUSE-SU-2016:2010-1: important: Security update for" (lists.opensuse.org)
  • SUSE SUSE-SU-2016:2005: "[security-announce] SUSE-SU-2016:2005-1: important: Security update for" (lists.opensuse.org)
  • SUSE SUSE-SU-2016:2002: "[security-announce] SUSE-SU-2016:2002-1: important: Security update for" (lists.opensuse.org)
  • REDHAT RHSA-2016:2133: "Red Hat Customer Portal" (web.archive.org; inactive link, not archived)
  • UBUNTU USN-3055-1: "USN-3055-1: Linux kernel vulnerabilities | Ubuntu" (www.ubuntu.com)
  • SUSE SUSE-SU-2016:1999: "[security-announce] SUSE-SU-2016:1999-1: important: Security update for" (lists.opensuse.org)
  • CONFIRM www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html: "Oracle Linux Bulletin - July 2016" [Third Party Advisory] (web.archive.org; inactive link, not archived)
  • REDHAT RHSA-2016:1539: "Red Hat Customer Portal" [Third Party Advisory] (web.archive.org; inactive link, not archived)
  • CONFIRM www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html: "Oracle Linux Bulletin - October 2016" (www.oracle.com)
  • SUSE SUSE-SU-2016:2007: "[security-announce] SUSE-SU-2016:2007-1: important: Security update for" (lists.opensuse.org)
  • SUSE SUSE-SU-2016:1985: "[security-announce] SUSE-SU-2016:1985-1: important: Security update for" (lists.opensuse.org)
  • SECTRACK 1036763: "Google Android Multiple Flaws Let Remote Users Deny Service and Execute Arbitrary Code and Let Applications Obtain Potentially Sensitive Information and Gain Elevated Privileges - SecurityTracker" (www.securitytracker.com)
  • REDHAT RHSA-2016:1541: "Red Hat Customer Portal" [Third Party Advisory] (web.archive.org; inactive link, not archived)
  • SUSE SUSE-SU-2016:1994: "[security-announce] SUSE-SU-2016:1994-1: important: Security update for" (lists.opensuse.org)
  • UBUNTU USN-3054-1: "USN-3054-1: Linux kernel (Xenial HWE) vulnerabilities | Ubuntu" (www.ubuntu.com)
  • REDHAT RHSA-2016:1532: "Red Hat Customer Portal" [Third Party Advisory] (web.archive.org; inactive link, not archived)
  • REDHAT RHSA-2016:1657: "Red Hat Customer Portal" (web.archive.org; inactive link, not archived)
  • UBUNTU USN-3051-1: "USN-3051-1: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu" (www.ubuntu.com)
  • SUSE SUSE-SU-2016:1995: "[security-announce] SUSE-SU-2016:1995-1: important: Security update for" (lists.opensuse.org)
  • SUSE SUSE-SU-2016:2014: "[security-announce] SUSE-SU-2016:2014-1: important: Security update for" (lists.opensuse.org)
  • CONFIRM www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html: "Oracle VM Server for x86 Bulletin - July 2016" [Vendor Advisory] (web.archive.org; inactive link, not archived)
  • UBUNTU USN-3052-1: "USN-3052-1: Linux kernel vulnerabilities | Ubuntu" (www.ubuntu.com)
  • REDHAT RHSA-2016:2128: "Red Hat Customer Portal" (web.archive.org; inactive link, not archived)
  • UBUNTU USN-3057-1: "USN-3057-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities | Ubuntu" (www.ubuntu.com)
  • SUSE SUSE-SU-2016:2006: "[security-announce] SUSE-SU-2016:2006-1: important: Security update for" (lists.opensuse.org)
  • DEBIAN DSA-3607: "Debian -- Security Information -- DSA-3607-1 linux" (www.debian.org; deprecated link)
  • UBUNTU USN-3049-1: "USN-3049-1: Linux kernel vulnerabilities | Ubuntu" (www.ubuntu.com)
  • SUSE SUSE-SU-2016:2018: "[security-announce] SUSE-SU-2016:2018-1: important: Security update for" (lists.opensuse.org)
  • REDHAT RHSA-2016:2074: "Red Hat Customer Portal" (web.archive.org; inactive link, not archived)
  • CONFIRM bugzilla.redhat.com/show_bug.cgi?id=1341716: "1341716 – (CVE-2016-4470) CVE-2016-4470 kernel: Uninitialized variable in request_key handling causes kernel crash in error handling path" [Issue Tracking, Third Party Advisory, VDB Entry] (bugzilla.redhat.com)
  • UBUNTU USN-3056-1: "USN-3056-1: Linux kernel (Raspberry Pi 2) vulnerabilities | Ubuntu" (www.ubuntu.com)
  • SUSE SUSE-SU-2016:1998: "[security-announce] SUSE-SU-2016:1998-1: important: Security update for" (lists.opensuse.org)
  • MLIST [oss-security] 20160615: "oss-security - CVE-2016-4470: Linux kernel Uninitialized variable in request_key handling user controlled kfree()." (www.openwall.com)
  • SUSE SUSE-SU-2016:2003: "[security-announce] SUSE-SU-2016:2003-1: important: Security update for" (lists.opensuse.org)
  • CONFIRM git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a: "kernel/git/torvalds/linux.git - Linux kernel source tree" [Vendor Advisory] (git.kernel.org)
  • UBUNTU USN-3053-1: "USN-3053-1: Linux kernel (Vivid HWE) vulnerabilities | Ubuntu" (www.ubuntu.com)
  • SUSE SUSE-SU-2016:2105: "[security-announce] SUSE-SU-2016:2105-1: important: Security update for" (lists.opensuse.org)
  • CONFIRM github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a: "KEYS: potential uninitialized variable · torvalds/[email protected] · GitHub" [Vendor Advisory] (github.com)
  • SUSE SUSE-SU-2016:2011: "[security-announce] SUSE-SU-2016:2011-1: important: Security update for" (lists.opensuse.org)
  • SUSE openSUSE-SU-2016:2184: "[security-announce] openSUSE-SU-2016:2184-1: important: Security update" (lists.opensuse.org)
  • SUSE SUSE-SU-2016:2000: "[security-announce] SUSE-SU-2016:2000-1: important: Security update for" (lists.opensuse.org)
  • REDHAT RHSA-2016:2076: "Red Hat Customer Portal" (web.archive.org; inactive link, not archived)

Known Affected Configurations (CPE V2.3)

Type | Vendor | Product | Version | Update | Edition | Language
Operating System | Linux | Linux Kernel | All | All | All | All
Operating System | Novell | Suse Linux Enterprise Real Time Extension | 12.0 | sp1 | All | All
Operating System | Oracle | Linux | 5.0 | All | All | All
Operating System | Oracle | Linux | 6 | All | All | All
Operating System | Oracle | Linux | 7 | All | All | All
Operating System | Oracle | Vm Server | 3.3 | All | All | All
Operating System | Oracle | Vm Server | 3.4 | All | All | All
Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All
Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All
Operating System | Redhat | Enterprise Linux For Real Time | 7.0 | All | All | All
Operating System | Redhat | Enterprise Linux Hpc Node | 7.0 | All | All | All
Operating System | Redhat | Enterprise Linux Hpc Node Eus | 7.0 | All | All | All
Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All
Operating System | Redhat | Enterprise Linux Server Aus | 7.2 | All | All | All
Operating System | Redhat | Enterprise Linux Server Eus | 7.2 | All | All | All
Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All
Application | Redhat | Enterprise Mrg | 2.0 | All | All | All

  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*:
  • cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_for_real_time:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*:
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*: