Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv2

CVE-2016-9084

Published: 28/11/2016 Updated: 05/01/2018
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 410
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Linux Kernel

Vulnerability Summary

drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel up to and including 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Red Hat: Important: kernel-rt security and bug fix update
Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...
Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Debian CVElist Bug Report Logs: linux-image-3.16.0-4-686-pae: chown removes security.capability xattr on other users' files (CVE-2015-1350)
Debian Bug report logs - #770492 linux-image-3160-4-686-pae: chown removes securitycapability xattr on other users' files (CVE-2015-1350) Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Affects: wireshark-common, iputils-ping, fping Reported by: Ben Harris <bjh21@cama ...
Amazon Linux AMI: ALAS-2016-772
CVE-2016-8645 kernel: a BUG() statement can be hit in net/ipv4/tcp_inputcIt was discovered that the Linux kernel since 36-rc1 with netipv4tcp_fastopen; set to 1 can hit BUG() statement in tcp_collapse() function after making a number of certain syscalls leading to a possible system crash CVE-2016-8655 kernel: Race condition in packet_set_ring ...
Ubuntu Security Notice: linux-lts-xenial vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-hwe vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...

References

CWE-190http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913ahttps://bugzilla.redhat.com/show_bug.cgi?id=1389259https://patchwork.kernel.org/patch/9373631/http://www.openwall.com/lists/oss-security/2016/10/26/11https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913ahttp://www.securityfocus.com/bid/93930http://rhn.redhat.com/errata/RHSA-2017-0387.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0386.htmlhttps://access.redhat.com/errata/RHSA-2017:0387https://nvd.nist.govhttps://usn.ubuntu.com/3312-2/https://alas.aws.amazon.com/ALAS-2016-772.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook