cpe:/a:novell:suse_linux_enterprise_software_development_kit:11.0:sp4 cpe:/o:canonical:ubuntu_linux:12.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:15.10 cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~ cpe:/o:linux:linux_kernel:4.6.2 cpe:/o:novell:suse_linux_enterprise_debuginfo:11.0:sp4 cpe:/o:novell:suse_linux_enterprise_desktop:12.0 cpe:/o:novell:suse_linux_enterprise_desktop:12.0:sp1 cpe:/o:novell:suse_linux_enterprise_live_patching:12.0 cpe:/o:novell:suse_linux_enterprise_module_for_public_cloud:12 cpe:/o:novell:suse_linux_enterprise_server:11.0:extra cpe:/o:novell:suse_linux_enterprise_server:11.0:sp4 cpe:/o:novell:suse_linux_enterprise_server:12.0 cpe:/o:novell:suse_linux_enterprise_server:12.0:sp1 cpe:/o:novell:suse_linux_enterprise_software_development_kit:12.0 cpe:/o:novell:suse_linux_enterprise_software_development_kit:12.0:sp1 cpe:/o:novell:suse_linux_enterprise_workstation_extension:12.0 cpe:/o:novell:suse_linux_enterprise_workstation_extension:12.0:sp1 CVE-2016-1583 2016-06-27T06:59:03.330-04:00 2018-12-06T17:29:00.300-05:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2016-08-18T14:45:38.520-04:00 SECTRACK 1036763 EXPLOIT-DB 39992 BID 91157 DEBIAN DSA-3607 REDHAT RHSA-2016:2124 REDHAT RHSA-2016:2766 REDHAT RHSA-2017:2760 SUSE SUSE-SU-2016:1596 SUSE SUSE-SU-2016:1672 SUSE SUSE-SU-2016:1696 SUSE SUSE-SU-2016:1937 SUSE SUSE-SU-2016:1961 SUSE SUSE-SU-2016:1985 SUSE SUSE-SU-2016:1994 SUSE SUSE-SU-2016:1995 SUSE SUSE-SU-2016:2000 SUSE SUSE-SU-2016:2002 SUSE SUSE-SU-2016:2005 SUSE SUSE-SU-2016:2006 SUSE SUSE-SU-2016:2007 SUSE SUSE-SU-2016:2009 SUSE SUSE-SU-2016:2010 SUSE SUSE-SU-2016:2014 SUSE SUSE-SU-2016:2105 UBUNTU USN-2996-1 UBUNTU USN-2997-1 UBUNTU USN-2998-1 UBUNTU USN-2999-1 UBUNTU USN-3000-1 UBUNTU USN-3001-1 UBUNTU USN-3002-1 UBUNTU USN-3003-1 UBUNTU USN-3004-1 UBUNTU USN-3005-1 UBUNTU USN-3006-1 UBUNTU USN-3007-1 UBUNTU USN-3008-1 MLIST [oss-security] 20160610 [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ MLIST [oss-security] 20160622 Re: [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ CONFIRM http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f36db71009304b3f0b95afacd8eba1f9f046b87 CONFIRM http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d MISC http://packetstormsecurity.com/files/137560/Linux-ecryptfs-Stack-Overflow.html MISC https://bugs.chromium.org/p/project-zero/issues/detail?id=836 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1344721 CONFIRM https://github.com/torvalds/linux/commit/2f36db71009304b3f0b95afacd8eba1f9f046b87 MISC https://github.com/torvalds/linux/commit/f0fe970df3838c202ef6c07a4c2b36838ef0a88b CONFIRM https://github.com/torvalds/linux/commit/f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d CONFIRM https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3 SUSE openSUSE-SU-2016:1641 SUSE openSUSE-SU-2016:2184 The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.