QwikSec

Security Database

CVE

CWE

Training

CVE-2016-4951

Published: May 23, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel through 4.6 does not verify socket existence, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dumpit operation.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20160521 Re: CVE request: -- Linux kernel: Null pointer dereference in tipc_nl_publ_dump

mailing-list

x_refsource_MLIST

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2016:1641

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

https://github.com/torvalds/linux/commit/45e093ae2830cd1264677d47ff9a95a71f5d9f9c

x_refsource_CONFIRM

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=45e093ae2830cd1264677d47ff9a95a71f5d9f9c

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

[netdev] 20160514 BUG: net/tipc: NULL-ptr dereference in tipc_nl_publ_dump

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.