vulnerability
Ubuntu: (Multiple Advisories) (CVE-2016-2085): Linux kernel vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:N/I:P/A:N) | Apr 11, 2016 | Apr 11, 2016 | Mar 27, 2026 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:N)
Published
Apr 11, 2016
Added
Apr 11, 2016
Modified
Mar 27, 2026
Description
The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack.
Solutions
ubuntu-upgrade-linux-image-3-13-0-85-genericubuntu-upgrade-linux-image-3-13-0-85-generic-lpaeubuntu-upgrade-linux-image-3-13-0-85-lowlatencyubuntu-upgrade-linux-image-3-13-0-85-powerpc-e500ubuntu-upgrade-linux-image-3-13-0-85-powerpc-e500mcubuntu-upgrade-linux-image-3-13-0-85-powerpc-smpubuntu-upgrade-linux-image-3-13-0-85-powerpc64-embubuntu-upgrade-linux-image-3-13-0-85-powerpc64-smpubuntu-upgrade-linux-image-3-16-0-69-genericubuntu-upgrade-linux-image-3-16-0-69-generic-lpaeubuntu-upgrade-linux-image-3-16-0-69-lowlatencyubuntu-upgrade-linux-image-3-16-0-69-powerpc-e500mcubuntu-upgrade-linux-image-3-16-0-69-powerpc-smpubuntu-upgrade-linux-image-3-16-0-69-powerpc64-embubuntu-upgrade-linux-image-3-16-0-69-powerpc64-smpubuntu-upgrade-linux-image-3-19-0-58-genericubuntu-upgrade-linux-image-3-19-0-58-generic-lpaeubuntu-upgrade-linux-image-3-19-0-58-lowlatencyubuntu-upgrade-linux-image-3-19-0-58-powerpc-e500mcubuntu-upgrade-linux-image-3-19-0-58-powerpc-smpubuntu-upgrade-linux-image-3-19-0-58-powerpc64-embubuntu-upgrade-linux-image-3-19-0-58-powerpc64-smpubuntu-upgrade-linux-image-4-2-0-1028-raspi2ubuntu-upgrade-linux-image-4-2-0-35-genericubuntu-upgrade-linux-image-4-2-0-35-generic-lpaeubuntu-upgrade-linux-image-4-2-0-35-lowlatencyubuntu-upgrade-linux-image-4-2-0-35-powerpc-e500mcubuntu-upgrade-linux-image-4-2-0-35-powerpc-smpubuntu-upgrade-linux-image-4-2-0-35-powerpc64-embubuntu-upgrade-linux-image-4-2-0-35-powerpc64-smp
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.