Lucene search

K
cvelistRedhatCVELIST:CVE-2016-9576
HistoryDec 28, 2016 - 7:42 a.m.

CVE-2016-9576

2016-12-2807:42:00
redhat
www.cve.org
1

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.

References