Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 27/06/2016 Updated: 12/02/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package prior to 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote malicious users to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel-rt
redhat enterprise linux for real time 7
redhat enterprise linux for real time for nfv 7
novell suse linux enterprise real time extension 12.0

CWE-284 http://www.openwall.com/lists/oss-security/2016/05/17/1 https://bugzilla.redhat.com/show_bug.cgi?id=1327484 https://access.redhat.com/errata/RHSA-2016:1341 https://access.redhat.com/errata/RHSA-2016:1301 http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-3707

Vulnerability Summary

References

Vulmon Search

About

Products

Connect