QwikSec

Security Database

CVE

CWE

Training

CVE-2016-5728

Published: Jun 27, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (memory corruption and system crash) by changing a certain header, aka a "double fetch" vulnerability.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_UBUNTU

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.1

x_refsource_CONFIRM

https://bugzilla.kernel.org/show_bug.cgi?id=116651

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

https://github.com/torvalds/linux/commit/9bf292bfca94694a721449e3fd752493856710f6

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9bf292bfca94694a721449e3fd752493856710f6

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_UBUNTU

20160630 [CVE-2016-5728] Double-Fetch Vulnerability in Linux-4.5/drivers/misc/mic/host/mic_virtio.c

mailing-list

x_refsource_BUGTRAQ

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.