Published: 28/11/2016 Updated: 12/02/2023

CVSS v2 Base Score: 6.2 | Impact Score: 10 | Exploitability Score: 1.9

CVSS v3 Base Score: 6.8 | Impact Score: 5.9 | Exploitability Score: 0.9

VMScore: 554

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

drivers/firewire/net.c in the Linux kernel prior to 4.8.7, in certain unusual hardware configurations, allows remote malicious users to execute arbitrary code via crafted fragmented packets.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Debian Bug report logs - #770492 linux-image-3160-4-686-pae: chown removes securitycapability xattr on other users' files (CVE-2015-1350) Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Affects: wireshark-common, iputils-ping, fping Reported by: Ben Harris <bjh21@cama ...

Synopsis Important: kernel-rt security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Sco ...

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise MRG 2Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...

Several security issues were fixed in the kernel ...

Several security issues were fixed in the Linux kernel ...

Several security issues were fixed in the kernel ...

Several security issues were fixed in the Linux kernel ...

A buffer overflow vulnerability due to a lack of input filtering of incoming fragmented datagrams was found in the IP-over-1394 driver [firewire-net] in a fragment handling code in the Linux kernel The vulnerability exists since firewire supported IPv4, ie since version 2631 (year 2009) till version v49-rc4 A maliciously formed fragment with ...

CWE-119 CWE-284 https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac http://www.openwall.com/lists/oss-security/2016/11/06/1 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7 https://bugzilla.redhat.com/show_bug.cgi?id=1391490 https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/http://www.securityfocus.com/bid/94149 https://access.redhat.com/errata/RHSA-2018:1062 https://access.redhat.com/errata/RHSA-2018:0676 https://access.redhat.com/errata/RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1190 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492 https://usn.ubuntu.com/3161-2/

Get Started

CVE-2016-8633

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect