CVE-2016-0758

Published: 27/06/2016 | Updated: 12/02/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 642
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Integer overflow in lib/asn1_decoder.c in the Linux kernel prior to 4.6 allows local users to gain privileges via crafted ASN.1 data.

Vulnerable Product

redhat enterprise linux desktop 7.0

redhat enterprise linux server aus 7.2

redhat enterprise linux workstation 7.0

redhat enterprise linux server 7.0

redhat enterprise linux hpc node 7.0

redhat enterprise linux server eus 7.2

redhat enterprise linux hpc node eus 7.2

linux linux kernel

canonical ubuntu linux 16.04

Vendor Advisories

The Linux kernel did not properly suppress hugetlbfs support in x86 PV guests, which could allow local PV guest users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area (CVE-2016-3961 / XSA-174). A flaw was found in the way the Linux kernel's ASN1 DER decoder processed certain certificate files with tags ...
The system could be made to crash or run programs as an administrator ...
Several security issues were fixed in the kernel ...
A flaw was found in the way the Linux kernel's ASN1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X509 certificate DER file to crash the system or, potentially, escalate his or her privileges on the system ...

References

NVD-CWE-Other

https://bugzilla.redhat.com/show_bug.cgi?id=1300257
http://www.openwall.com/lists/oss-security/2016/05/12/9
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa
https://github.com/torvalds/linux/commit/23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa
http://rhn.redhat.com/errata/RHSA-2016-1033.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html
http://rhn.redhat.com/errata/RHSA-2016-1051.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html
https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158555
http://rhn.redhat.com/errata/RHSA-2016-1055.html
http://www.ubuntu.com/usn/USN-2979-4
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://source.android.com/security/bulletin/2016-10-01.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html
http://www.securityfocus.com/bid/90626
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html
https://nvd.nist.gov
https://alas.aws.amazon.com/ALAS-2016-703.html
https://usn.ubuntu.com/2975-2/