
CVE-2016-9604
Date: (C)2018-07-12   (M)2024-04-19


It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.

CVSS Score and Metrics

CVSS V3 Severity:
CVSS Score: 4.4
Exploit Score: 0.8
Impact Score: 3.6

CVSS V3 Metrics:
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: NONE
Integrity: HIGH
Availability: NONE

CVSS V2 Severity:
CVSS Score: 2.1
Exploit Score: 3.9
Impact Score: 2.9

CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
BID-102135
RHSA-2017:1842
RHSA-2017:2077
RHSA-2017:2669
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-9604.html
https://bugzilla.novell.com/show_bug.cgi?id=1035576
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9604
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee8f844e3c5a73b999edf733df1c529d6503ec2f

CPE    7
cpe:/o:linux:linux_kernel:4.11:rc6
cpe:/o:linux:linux_kernel:4.11:rc5
cpe:/o:linux:linux_kernel:4.11:rc7
cpe:/o:linux:linux_kernel:4.11:rc2
...
CWE    1
CWE-347
OVAL    24
oval:org.secpod.oval:def:112328
oval:org.secpod.oval:def:1501991
oval:org.secpod.oval:def:1501951
oval:org.secpod.oval:def:1501999
...

© SecPod Technologies