Rapid7 Vulnerability & Exploit Database

Red Hat: CVE-2016-4913: Important: kernel security, bug fix, and enhancement update (Multiple Advisories)

Back to Search

Red Hat: CVE-2016-4913: Important: kernel security, bug fix, and enhancement update (Multiple Advisories)

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
05/23/2016
Created
03/19/2019
Added
10/31/2018
Modified
03/03/2021

Description

The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.

Solution(s)

  • redhat-upgrade-kernel
  • redhat-upgrade-kernel-rt

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;