NVD

Id
21655  
Name
CVE-2016-7117  
Description
Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2016-10-10  
Modified Date
2017-01-06  
Seq
2016-7117  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
116442 21655 CVE-2016-7117 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d  View
116443 21655 CVE-2016-7117 RHSA-2016:2962  View
116444 21655 CVE-2016-7117 http://source.android.com/security/bulletin/2016-10-01.html  View
116445 21655 CVE-2016-7117 http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2  View
116446 21655 CVE-2016-7117 93304  View
116447 21655 CVE-2016-7117 https://bugzilla.novell.com/show_bug.cgi?id=1003077  View
116448 21655 CVE-2016-7117 https://bugzilla.redhat.com/show_bug.cgi?id=1382268  View
116449 21655 CVE-2016-7117 https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d  View
116450 21655 CVE-2016-7117 https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html  View
116451 21655 CVE-2016-7117 https://security-tracker.debian.org/tracker/CVE-2016-7117  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
4413 JVNDB-2016-005186 Linux Kernel の net/socket.c の __sys_recvmmsg 関数における任意のコードを実行される脆弱性 Linux Kernel の net/socket.c の __sys_recvmmsg 関数には、解放済みメモリの使用 (Use-after-free) により、任意のコードを実行される脆弱性が存在します。 CVE-2016-7117 93624 CVE-2016-7117 21655 10 9.8 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005186.html 2016-04-20 2016-10-13 View