{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-10-13T00:00:00", "descriptions": [{"lang": "en", "value": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-04T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://source.android.com/security/bulletin/2017-01-01.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"}, {"name": "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"}, {"name": "RHSA-2017:2669", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2669"}, {"name": "RHSA-2017:0817", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"}, {"name": "RHSA-2017:2077", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2077"}, {"name": "RHSA-2017:1842", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1842"}, {"name": "93544", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/93544"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-7042", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://source.android.com/security/bulletin/2017-01-01.html", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/2017-01-01.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"}, {"name": "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"}, {"name": "RHSA-2017:2669", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2669"}, {"name": "RHSA-2017:0817", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"}, {"name": "RHSA-2017:2077", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2077"}, {"name": "RHSA-2017:1842", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1842"}, {"name": "93544", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93544"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:50:47.134Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://source.android.com/security/bulletin/2017-01-01.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"}, {"name": "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"}, {"name": "RHSA-2017:2669", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2669"}, {"name": "RHSA-2017:0817", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"}, {"name": "RHSA-2017:2077", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2077"}, {"name": "RHSA-2017:1842", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1842"}, {"name": "93544", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/93544"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-7042", "datePublished": "2016-10-16T21:00:00", "dateReserved": "2016-08-23T00:00:00", "dateUpdated": "2024-08-06T01:50:47.134Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2B9219B-3507-4C0A-90B0-3A53254FDCD0", "versionEndIncluding": "4.8.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file."}, {"lang": "es", "value": "La funci\u00f3n proc_keys_show en security/keys/proc.c en el kernel de Linux hasta la versi\u00f3n 4.8.2, cuando el protector de pila GNU Compiler Collection (gcc) est\u00e1 habilitado, utiliza un tama\u00f1o de b\u00fafer incorrecto para ciertos datos de tiempo de espera, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de la memoria de pila y p\u00e1nico) leyendo el archivo /proc/keys."}], "id": "CVE-2016-7042", "lastModified": "2024-11-21T02:57:20.483", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-10-16T21:59:10.160", "references": [{"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/93544"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:1842"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:2077"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2017:2669"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"}, {"source": "cve@mitre.org", "url": "https://source.android.com/security/bulletin/2017-01-01.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/93544"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2017:1842"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2017:2077"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2017:2669"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://source.android.com/security/bulletin/2017-01-01.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Ondrej Kozina (Red Hat).", "affected_release": [{"advisory": "RHSA-2017:0817", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-696.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2017-03-21T00:00:00Z"}, {"advisory": "RHSA-2017:2077", "cpe": "cpe:/a:redhat:rhel_extras_rt:7", "package": "kernel-rt-0:3.10.0-693.rt56.617.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-08-01T00:00:00Z"}, {"advisory": "RHSA-2017:1842", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-693.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-08-01T00:00:00Z"}, {"advisory": "RHSA-2017:2669", "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package": "kernel-rt-1:3.10.0-693.2.1.rt56.585.el6rt", "product_name": "Red Hat Enterprise MRG 2", "release_date": "2017-09-06T00:00:00Z"}], "bugzilla": {"description": "kernel: Stack corruption while reading /proc/keys when gcc stack protector is enabled", "id": "1373966", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"}, "csaw": false, "cvss": {"cvss_base_score": "4.9", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "status": "verified"}, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-121", "details": ["The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.", "It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks."], "name": "CVE-2016-7042", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2016-10-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-7042\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-7042"], "statement": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG-2. Future Linux kernel updates for the respective releases might address this issue.", "threat_severity": "Moderate"}