QwikSec

Security Database

CVE

CWE

Training

CVE-2016-1583

Published: Jun 27, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:2010

vendor-advisory

x_refsource_SUSE

https://github.com/torvalds/linux/commit/f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3

x_refsource_CONFIRM

SUSE-SU-2016:1696

vendor-advisory

x_refsource_SUSE

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d

x_refsource_CONFIRM

SUSE-SU-2016:1994

vendor-advisory

x_refsource_SUSE

exploit

x_refsource_EXPLOIT-DB

SUSE-SU-2016:1961

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

https://bugs.chromium.org/p/project-zero/issues/detail?id=836

x_refsource_MISC

SUSE-SU-2016:1985

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_BID

openSUSE-SU-2016:2184

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f36db71009304b3f0b95afacd8eba1f9f046b87

x_refsource_CONFIRM

SUSE-SU-2016:2006

vendor-advisory

x_refsource_SUSE

[oss-security] 20160610 [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ

mailing-list

x_refsource_MLIST

SUSE-SU-2016:2014

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2016:1641

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

https://github.com/torvalds/linux/commit/f0fe970df3838c202ef6c07a4c2b36838ef0a88b

x_refsource_MISC

vendor-advisory

x_refsource_DEBIAN

vdb-entry

x_refsource_SECTRACK

https://github.com/torvalds/linux/commit/2f36db71009304b3f0b95afacd8eba1f9f046b87

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:1672

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2009

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:1596

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2016:2005

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2007

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:2000

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:1995

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2105

vendor-advisory

x_refsource_SUSE

[oss-security] 20160622 Re: [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ

mailing-list

x_refsource_MLIST

SUSE-SU-2016:2002

vendor-advisory

x_refsource_SUSE

https://bugzilla.redhat.com/show_bug.cgi?id=1344721

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

http://packetstormsecurity.com/files/137560/Linux-ecryptfs-Stack-Overflow.html

x_refsource_MISC

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:1937

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.