Lucene search

K

Google_androidCVELIST:CVE-2016-7916

HistoryNov 16, 2016 - 4:49 a.m.

CVE-2016-7916

2016-11-1604:49:00

google_android

www.cve.org

6

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

31.6%

Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete.

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8148a73c9901a8794a50f950083c00ccf97d43b3

source.android.com/security/bulletin/2016-11-01.html

www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.4

www.securityfocus.com/bid/94138

www.ubuntu.com/usn/USN-3159-1

www.ubuntu.com/usn/USN-3159-2

bugzilla.kernel.org/show_bug.cgi?id=116461

forums.grsecurity.net/viewtopic.php?f=3&t=4363

github.com/torvalds/linux/commit/8148a73c9901a8794a50f950083c00ccf97d43b3

AI Score

5.7

Confidence

High

EPSS

0.001

Percentile

31.6%

Related for CVELIST:CVE-2016-7916

cve1 ubuntu4 nvd1 openvas11 prion1 nessus12 ubuntucve1 debiancve1 suse5 androidsecurity1 lenovo1