CVE - CVE-2016-4565

CVE-ID
CVE-2016-4565	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MLIST:[oss-security] 20160507 CVE Request: Linux: IB/security: Restrict use of the write() interface' URL:http://www.openwall.com/lists/oss-security/2016/05/07/1 CONFIRM:http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3 CONFIRM:http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3 CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1310570 CONFIRM:https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3 CONFIRM:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html DEBIAN:DSA-3607 URL:http://www.debian.org/security/2016/dsa-3607 REDHAT:RHSA-2016:1277 URL:https://access.redhat.com/errata/RHSA-2016:1277 REDHAT:RHSA-2016:1301 URL:https://access.redhat.com/errata/RHSA-2016:1301 REDHAT:RHSA-2016:1341 URL:https://access.redhat.com/errata/RHSA-2016:1341 REDHAT:RHSA-2016:1814 URL:http://rhn.redhat.com/errata/RHSA-2016-1814.html REDHAT:RHSA-2016:1489 URL:http://rhn.redhat.com/errata/RHSA-2016-1489.html REDHAT:RHSA-2016:1581 URL:http://rhn.redhat.com/errata/RHSA-2016-1581.html REDHAT:RHSA-2016:1617 URL:http://rhn.redhat.com/errata/RHSA-2016-1617.html REDHAT:RHSA-2016:1640 URL:http://rhn.redhat.com/errata/RHSA-2016-1640.html REDHAT:RHSA-2016:1657 URL:http://rhn.redhat.com/errata/RHSA-2016-1657.html REDHAT:RHSA-2016:1406 URL:https://access.redhat.com/errata/RHSA-2016:1406 SUSE:SUSE-SU-2016:1672 URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html SUSE:SUSE-SU-2016:1690 URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html SUSE:SUSE-SU-2016:1937 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html SUSE:openSUSE-SU-2016:1641 URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html SUSE:SUSE-SU-2016:1985 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html SUSE:SUSE-SU-2016:2000 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html SUSE:SUSE-SU-2016:2001 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html SUSE:SUSE-SU-2016:2002 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html SUSE:SUSE-SU-2016:2003 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html SUSE:SUSE-SU-2016:2006 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html SUSE:SUSE-SU-2016:2007 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html SUSE:SUSE-SU-2016:2010 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html SUSE:SUSE-SU-2016:2011 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html SUSE:SUSE-SU-2016:1961 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html SUSE:SUSE-SU-2016:1994 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html SUSE:SUSE-SU-2016:1995 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html SUSE:SUSE-SU-2016:2005 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html SUSE:SUSE-SU-2016:2009 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html SUSE:SUSE-SU-2016:2014 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html SUSE:SUSE-SU-2016:2105 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html SUSE:openSUSE-SU-2016:2184 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html UBUNTU:USN-3018-1 URL:http://www.ubuntu.com/usn/USN-3018-1 UBUNTU:USN-3018-2 URL:http://www.ubuntu.com/usn/USN-3018-2 UBUNTU:USN-3019-1 URL:http://www.ubuntu.com/usn/USN-3019-1 UBUNTU:USN-3001-1 URL:http://www.ubuntu.com/usn/USN-3001-1 UBUNTU:USN-3002-1 URL:http://www.ubuntu.com/usn/USN-3002-1 UBUNTU:USN-3003-1 URL:http://www.ubuntu.com/usn/USN-3003-1 UBUNTU:USN-3004-1 URL:http://www.ubuntu.com/usn/USN-3004-1 UBUNTU:USN-3005-1 URL:http://www.ubuntu.com/usn/USN-3005-1 UBUNTU:USN-3006-1 URL:http://www.ubuntu.com/usn/USN-3006-1 UBUNTU:USN-3007-1 URL:http://www.ubuntu.com/usn/USN-3007-1 UBUNTU:USN-3021-1 URL:http://www.ubuntu.com/usn/USN-3021-1 UBUNTU:USN-3021-2 URL:http://www.ubuntu.com/usn/USN-3021-2 BID:90301 URL:http://www.securityfocus.com/bid/90301
Assigning CNA
N/A
Date Entry Created
20160507	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20160507)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org