Back to search
CVE-2016-4913
Published: May 23, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2018:3083
vendor-advisory
x_refsource_REDHAT
USN-3017-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2016:1985
vendor-advisory
x_refsource_SUSE
USN-3017-3
vendor-advisory
x_refsource_UBUNTU
USN-3018-2
vendor-advisory
x_refsource_UBUNTU
USN-3021-2
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=1337528
x_refsource_CONFIRM
USN-3017-2
vendor-advisory
x_refsource_UBUNTU
USN-3019-1
vendor-advisory
x_refsource_UBUNTU
DSA-3607
vendor-advisory
x_refsource_DEBIAN
USN-3016-2
vendor-advisory
x_refsource_UBUNTU
USN-3016-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2016:1672
vendor-advisory
x_refsource_SUSE
USN-3021-1
vendor-advisory
x_refsource_UBUNTU
USN-3018-1
vendor-advisory
x_refsource_UBUNTU
[oss-security] 20160518 CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c
mailing-list
x_refsource_MLIST
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5
x_refsource_CONFIRM
90730
vdb-entry
x_refsource_BID
USN-3016-3
vendor-advisory
x_refsource_UBUNTU
USN-3016-4
vendor-advisory
x_refsource_UBUNTU
RHSA-2018:3096
vendor-advisory
x_refsource_REDHAT
USN-3020-1
vendor-advisory
x_refsource_UBUNTU
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now