Published: 28/11/2016 Updated: 12/02/2023

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The tipc_msg_build function in net/tipc/msg.c in the Linux kernel up to and including 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Several security issues were fixed in the kernel ...

Several security issues were fixed in the Linux kernel ...

A flaw was found in the TIPC networking subsystem which could allow for memory corruption and possible privilege escalation The flaw involves a system with an unusually low MTU (60) on networking devices configured as bearers for the TIPC protocol An attacker could create a packet which will overwrite memory outside of allocated space and allow ...

CWE-264 CWE-119 http://www.openwall.com/lists/oss-security/2016/11/08/5 https://bugzilla.redhat.com/show_bug.cgi?id=1390832 http://www.securityfocus.com/bid/94211 https://www.mail-archive.com/netdev%40vger.kernel.org/msg133205.html https://nvd.nist.gov https://usn.ubuntu.com/3190-2/

CVE-2016-8632

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect