Oval Definition:	oval:com.ubuntu.precise:def:20167916000
Revision Date: 2016-11-16 Version: 1 Title: CVE-2016-7916 on Ubuntu 12.04 LTS (precise) - medium. Description: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete. It was discovered that a race condition existed in the procfs environ_read function in the Linux kernel, leading to an integer underflow. A local attacker could use this to expose sensitive information (kernel memory). Family: unix Class: vulnerability Status: Reference(s): CVE-2016-7916 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'linux' package in precise was vulnerable but has been fixed (note: '3.2.0-119.162'). OR The 'linux-armadaxp' package in precise was vulnerable but has been fixed (note: '3.2.0-1680.107'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'end-of-life'). OR The 'linux-lts-trusty' package in precise was vulnerable but has been fixed (note: '3.13.0-106.153~precise1'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'abandoned'). OR The 'linux-ti-omap4' package in precise was vulnerable but has been fixed (note: '3.2.0-1497.124').
BACK