Lucene search

K
redhatcveRedhat.comRH:CVE-2016-7425
HistoryApr 08, 2020 - 5:21 p.m.

CVE-2016-7425

2020-04-0817:21:21
redhat.com
access.redhat.com
28

0.0004 Low

EPSS

Percentile

10.1%

A heap-buffer overflow vulnerability was found in the arcmsr_iop_message_xfer() function in β€˜drivers/scsi/arcmsr/arcmsr_hba.c’ file in the Linux kernel through 4.8.2. The function does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code. This can potentially cause kernel heap corruption and arbitrary kernel code execution.