Ubuntu.comUB:CVE-2016-5138CVE-2016-5138
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
86.5%
Integer overflow in the kbasep_vinstr_attach_client function in
midgard/mali_kbase_vinstr.c in Google Chrome before 52.0.2743.85 allows
remote attackers to cause a denial of service (heap-based buffer overflow
and use-after-free) by leveraging an unrestricted multiplication.
References
googlechromereleases.blogspot.com/2016/07/stable-channel-update-for-chrome-os_26.html
bugs.chromium.org/p/chromium/issues/detail?id=631752&desc=2
chromium.googlesource.com/chromiumos/third_party/kernel/+/d65f7c158dabbb5b9e89723aceb30e874c2d748a
launchpad.net/bugs/cve/CVE-2016-5138
nvd.nist.gov/vuln/detail/CVE-2016-5138
security-tracker.debian.org/tracker/CVE-2016-5138
www.cve.org/CVERecord?id=CVE-2016-5138
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
86.5%