Published: 28/11/2016 Updated: 07/01/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel 4.4.22 up to and including 4.4.28 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application. NOTE: this vulnerability exists because of incorrect backporting of the CVE-2016-9178 patch to older kernels.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 4.4.28
linux linux kernel 4.4.22
linux linux kernel 4.4.24
linux linux kernel 4.4.25
linux linux kernel 4.4.26
linux linux kernel 4.4.27
linux linux kernel 4.4.23

Several security issues were fixed in the kernel ...

The __get_user_asm_ex macro in arch/x86/include/asm/uaccessh in the Linux kernel 4422 through 4428 contains extended asm statements that are incompatible with the exception table, which allows local users to obtain root access on non-SMEP platforms via a crafted application NOTE: this vulnerability exists because of incorrect backporting of ...

CWE-264 https://lwn.net/Articles/705220/http://www.openwall.com/lists/oss-security/2016/11/07/4 http://www.securityfocus.com/bid/94545 http://www.ubuntu.com/usn/USN-3146-2 http://www.ubuntu.com/usn/USN-3146-1 https://nvd.nist.gov https://usn.ubuntu.com/3161-4/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-9644

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect