NVD

Id
21069  
Name
CVE-2016-6198  
Description
The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after an OverlayFS file is renamed to a self-hardlink, which allows local users to cause a denial of service (system crash) via a rename system call, related to fs/namei.c and fs/open.c.  
Reject
 
CVSS Version
2  
CVSS Score
4.9  
Severity
Medium  
CVSS Base Score
4.9  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:N/I:N/A:C)  
Pub Date
2017-01-19  
Published
2016-08-06  
Modified Date
2016-11-28  
Seq
2016-6198  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
114660 21069 CVE-2016-6198 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d5ca871e72f2bb172ec9323497f01cd5091ec7  View
114661 21069 CVE-2016-6198 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9409e22acdfc9153f88d9b1ed2bd2a5b34d2d3ca  View
114662 21069 CVE-2016-6198 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5  View
114663 21069 CVE-2016-6198 [oss-security] 20160711 Re: cvs request: local DoS using rename syscall on overlayfs on top of xfs to crash the kernel - Linux kernel  View
114664 21069 CVE-2016-6198 http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html  View
114665 21069 CVE-2016-6198 http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html  View
114666 21069 CVE-2016-6198 91709  View
114667 21069 CVE-2016-6198 https://bugzilla.redhat.com/show_bug.cgi?id=1355654  View
114668 21069 CVE-2016-6198 https://github.com/torvalds/linux/commit/54d5ca871e72f2bb172ec9323497f01cd5091ec7  View
114669 21069 CVE-2016-6198 https://github.com/torvalds/linux/commit/9409e22acdfc9153f88d9b1ed2bd2a5b34d2d3ca  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
3608 JVNDB-2016-004381 Linux Kernel のファイルシステムレイヤにおけるサービス運用妨害 (DoS) の脆弱性 Linux Kernel のファイルシステムレイヤは、OverlayFS ファイルが自己のハードリンク (self-hardlink) にリネームされた後、リネーム後の操作 (post-rename operations) を続行するため、サービス運用妨害 (システムクラッシュ) 状態にされる脆弱性が存在します。 CVE-2016-6198 92705 CVE-2016-6198 21069 4.9 5.5 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004381.html 2016-05-18 2016-11-16 View