{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-05-18T00:00:00", "descriptions": [{"lang": "en", "value": "The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \\0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-31T09:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"name": "RHSA-2018:3083", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:3083"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"}, {"name": "USN-3017-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3017-1"}, {"name": "SUSE-SU-2016:1985", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"}, {"name": "USN-3017-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3017-3"}, {"name": "USN-3018-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3018-2"}, {"name": "USN-3021-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3021-2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1337528"}, {"name": "USN-3017-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3017-2"}, {"name": "USN-3019-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3019-1"}, {"name": "DSA-3607", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3607"}, {"name": "USN-3016-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3016-2"}, {"name": "USN-3016-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3016-1"}, {"name": "SUSE-SU-2016:1672", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"}, {"name": "USN-3021-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3021-1"}, {"name": "[oss-security] 20160518 Re: CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/05/18/5"}, {"name": "USN-3018-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3018-1"}, {"name": "[oss-security] 20160518 CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/05/18/3"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"}, {"name": "90730", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/90730"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6"}, {"name": "USN-3016-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3016-3"}, {"name": "USN-3016-4", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3016-4"}, {"name": "RHSA-2018:3096", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:3096"}, {"name": "USN-3020-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3020-1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2016-4913", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \\0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2018:3083", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3083"}, {"name": "https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6"}, {"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"}, {"name": "USN-3017-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3017-1"}, {"name": "SUSE-SU-2016:1985", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"}, {"name": "USN-3017-3", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3017-3"}, {"name": "USN-3018-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3018-2"}, {"name": "USN-3021-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3021-2"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1337528", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1337528"}, {"name": "USN-3017-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3017-2"}, {"name": "USN-3019-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3019-1"}, {"name": "DSA-3607", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3607"}, {"name": "USN-3016-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3016-2"}, {"name": "USN-3016-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3016-1"}, {"name": "SUSE-SU-2016:1672", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"}, {"name": "USN-3021-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3021-1"}, {"name": "[oss-security] 20160518 Re: CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/05/18/5"}, {"name": "USN-3018-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3018-1"}, {"name": "[oss-security] 20160518 CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/05/18/3"}, {"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5", "refsource": "CONFIRM", "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5"}, {"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"}, {"name": "90730", "refsource": "BID", "url": "http://www.securityfocus.com/bid/90730"}, {"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6"}, {"name": "USN-3016-3", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3016-3"}, {"name": "USN-3016-4", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3016-4"}, {"name": "RHSA-2018:3096", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3096"}, {"name": "USN-3020-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3020-1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T00:46:39.243Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2018:3083", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:3083"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"}, {"name": "USN-3017-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3017-1"}, {"name": "SUSE-SU-2016:1985", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"}, {"name": "USN-3017-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3017-3"}, {"name": "USN-3018-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3018-2"}, {"name": "USN-3021-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3021-2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1337528"}, {"name": "USN-3017-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3017-2"}, {"name": "USN-3019-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3019-1"}, {"name": "DSA-3607", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3607"}, {"name": "USN-3016-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3016-2"}, {"name": "USN-3016-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3016-1"}, {"name": "SUSE-SU-2016:1672", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"}, {"name": "USN-3021-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3021-1"}, {"name": "[oss-security] 20160518 Re: CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/05/18/5"}, {"name": "USN-3018-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3018-1"}, {"name": "[oss-security] 20160518 CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/05/18/3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"}, {"name": "90730", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/90730"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6"}, {"name": "USN-3016-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3016-3"}, {"name": "USN-3016-4", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3016-4"}, {"name": "RHSA-2018:3096", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:3096"}, {"name": "USN-3020-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3020-1"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2016-4913", "datePublished": "2016-05-23T10:00:00", "dateReserved": "2016-05-18T00:00:00", "dateUpdated": "2024-08-06T00:46:39.243Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A89742F0-7BC2-48BE-BD22-2446513A7204", "versionEndExcluding": "3.2.81", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F147711-AD8B-484D-8393-5BCFC6C59EC3", "versionEndExcluding": "3.10.102", "versionStartIncluding": "3.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F5C3CC6-7128-4F37-B99A-76F53AF715CF", "versionEndExcluding": "3.12.60", "versionStartIncluding": "3.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6D3F25E-4D66-4712-A7C2-29EF4D7822D8", "versionEndExcluding": "3.14.70", "versionStartIncluding": "3.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "76266D0E-6C62-4AF5-A345-3ABBDB8DD9FA", "versionEndExcluding": "3.16.36", "versionStartIncluding": "3.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C51D9E11-9A86-4481-B5D3-63D770F9CC47", "versionEndExcluding": "3.18.34", "versionStartIncluding": "3.17", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "85FB2422-CC34-4FFB-8FEE-4A3A8976F17A", "versionEndExcluding": "4.1.25", "versionStartIncluding": "3.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7FA57A30-875F-45C7-874A-F90B6F114FC9", "versionEndExcluding": "4.4.11", "versionStartIncluding": "4.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4EC30B3A-B105-4482-A6B1-A5D1C79EFBA2", "versionEndExcluding": "4.5.5", "versionStartIncluding": "4.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*", "matchCriteriaId": "CC7A498A-A669-4C42-8134-86103C799D13", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*", "matchCriteriaId": "A5FDEDA8-6F51-4945-B443-438CC987F235", "vulnerable": true}, {"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11.0:sp4:*:*:*:*:*:*", "matchCriteriaId": "E090E7B3-2346-463D-8A0C-8B482500CB42", "vulnerable": true}, {"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:extra:*:*:*:*:*:*", "matchCriteriaId": "A8877923-3E50-4F71-B501-E6997894D07E", "vulnerable": true}, {"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*", "matchCriteriaId": "ADE9D807-6690-4D67-A6B3-68BBC9B50153", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \\0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem."}, {"lang": "es", "value": "La funci\u00f3n get_rock_ridge_filename en fs/isofs/rock.c en el kernel de Linux en versiones anteriores a 4.5.5 no maneja correctamente entradas NM (tambi\u00e9n conocidas como alternate name) que contienen caracteres \\0, lo que permite a usuarios locales obtener informaci\u00f3n sensible del kernel de memoria o posiblemente tener otro impacto no especificado a trav\u00e9s de un sistema de archivo isofs manipulado."}], "id": "CVE-2016-4913", "lastModified": "2023-09-12T14:45:07.473", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-05-23T10:59:14.723", "references": [{"source": "security@debian.org", "tags": ["Vendor Advisory"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"}, {"source": "security@debian.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3607"}, {"source": "security@debian.org", "tags": ["Vendor Advisory"], "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5"}, {"source": "security@debian.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/05/18/3"}, {"source": "security@debian.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/05/18/5"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html"}, {"source": "security@debian.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/90730"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3016-1"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3016-2"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3016-3"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3016-4"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3017-1"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3017-2"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3017-3"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3018-1"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3018-2"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3019-1"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3020-1"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3021-1"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3021-2"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:3083"}, {"source": "security@debian.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:3096"}, {"source": "security@debian.org", "tags": ["Issue Tracking", "Third Party Advisory", "VDB Entry"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1337528"}, {"source": "security@debian.org", "tags": ["Vendor Advisory"], "url": "https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:3096", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-957.rt56.910.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-10-30T00:00:00Z"}, {"advisory": "RHSA-2018:3083", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-957.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-10-30T00:00:00Z"}], "bugzilla": {"description": "kernel: Information leak when handling NM entries containing NUL", "id": "1337528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1337528"}, "csaw": false, "cvss": {"cvss_base_score": "2.1", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "status": "verified"}, "cwe": "CWE-200", "details": ["The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \\0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.", "A vulnerability was found in the Linux kernel. Payloads of NM entries are not supposed to contain NUL. When such entry is processed, only the part prior to the first NUL goes into the concatenation (i.e. the directory entry name being encoded by a bunch of NM entries). The process stops when the amount collected so far + the claimed amount in the current NM entry exceed 254. However, the value returned as the total length is the sum of *claimed* sizes, not the actual amount collected. And that's what will be passed to readdir() callback as the name length - 8Kb __copy_to_user() from a buffer allocated by __get_free_page()."], "name": "CVE-2016-4913", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Will not fix", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2016-05-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-4913\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-4913"], "statement": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6 and MRG-2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7. Future Linux kernel updates for the respective releases might address this issue.", "threat_severity": "Low"}