Vulnerability Name:

CVE-2016-7042

Assigned:2016-10-13
Published:2016-10-13
Updated:2018-01-04
Summary:The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
CVSS v3 Severity:6.2 Medium (CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.5 Medium (Temporal CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
6.2 Medium (CCN CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
5.5 Medium (CCN Temporal CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
5.5 Medium (REDHAT CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
4.9 Medium (REDHAT Temporal CVSS v3 Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:4.9 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
4.9 Medium (REDHAT CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-119
CWE-121
References:Source: REDHAT
Type: UNKNOWN
RHSA-2017:0817

Source: MLIST
Type: UNKNOWN
[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)

Source: BID
Type: UNKNOWN
93544

Source: REDHAT
Type: UNKNOWN
RHSA-2017:1842

Source: REDHAT
Type: UNKNOWN
RHSA-2017:2077

Source: REDHAT
Type: UNKNOWN
RHSA-2017:2669

Source: CONFIRM
Type: VENDOR_ADVISORY
https://bugzilla.redhat.com/show_bug.cgi?id=1373966

Source: XF
Type: UNKNOWN
linux-kernel-cve20167042-dos(118133)

Source: CONFIRM
Type: UNKNOWN
https://source.android.com/security/bulletin/2017-01-01.html

Vulnerable Configuration:Configuration 1:
  • cpe:/o:linux:linux_kernel:4.8.2:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/a:redhat:rhel_extras_rt:7:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/o:linux:linux_kernel:4.8.2:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:powerkvm:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:powerkvm:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_network_security:5.4:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20167042
    V
    CVE-2016-7042
    2018-09-18
    oval:com.redhat.rhsa:def:20171842
    P
    RHSA-2017:1842: kernel security, bug fix, and enhancement update (Important)
    2017-08-01
    oval:com.redhat.rhsa:def:20172077
    P
    RHSA-2017:2077: kernel-rt security, bug fix, and enhancement update (Important)
    2017-08-01
    oval:com.redhat.rhsa:def:20170817
    P
    RHSA-2017:0817: kernel security, bug fix, and enhancement update (Moderate)
    2017-03-21
    oval:org.cisecurity:def:1337
    P
    DSA-3696-1 -- linux -- security update
    2016-12-09
    oval:com.ubuntu.trusty:def:20167042000
    V
    CVE-2016-7042 on Ubuntu 14.04 LTS (trusty) - medium.
    2016-10-16
    oval:com.ubuntu.xenial:def:20167042000
    V
    CVE-2016-7042 on Ubuntu 16.04 LTS (xenial) - medium.
    2016-10-16
    oval:com.ubuntu.precise:def:20167042000
    V
    CVE-2016-7042 on Ubuntu 12.04 LTS (precise) - medium.
    2016-10-16
    BACK
    linux linux kernel 4.8.2
    linux linux kernel 4.8.2
    ibm powerkvm 2.1
    ibm powerkvm 3.1
    redhat enterprise linux desktop 6.0
    redhat enterprise linux server 6.0
    redhat enterprise linux workstation 6.0
    ibm qradar network security 5.4