Lucene search

K
f5F5F5:K43650115
HistoryJul 29, 2016 - 12:00 a.m.

K43650115 : Linux kernel vulnerability CVE-2016-0723

2016-07-2900:00:00
my.f5.com
26

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

52.4%

Security Advisory Description

Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call. (CVE-2016-0723)

Impact

Authenticated, local users with Advanced Shell (bash) access for BIG-IP, BIG-IQ, F5 iWorkflow, or Enterprise Manager systems, or console access for Traffix SDC systems, can install a specially crafted program to read very small amounts (4 bytes) of memory or potentially cause a kernel panic.