CVE-2016-2847
medium
CVSS v3
6.2
CVSS v2
4.9
VIR risk
6.2
Description
fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.
Predictions
Exploit likelihood
62%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2016-2847
Vendor advisory: secalert@redhat.com — http://www.openwall.com/lists/oss-security/2016/03/01/3
Vendor advisory: secalert@redhat.com — http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=759c01142a5d0f364a462346168a56de28a80f52
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2016-2847.html
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| sles | affected | | |
| debian | bookworm | fixed | 4.3.5-1 |
| debian | bullseye | fixed | 4.3.5-1 |
| debian | forky | fixed | 4.3.5-1 |
| debian | sid | fixed | 4.3.5-1 |
| debian | trixie | fixed | 4.3.5-1 |
| suse | 11.0 | affected | |
| suse | 12.0 | affected | |
| linux-kernel | affected | |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| novell | suse_linux_enterprise_software_development_kit | 11.0 | |
| novell | suse_linux_enterprise_software_development_kit | 12.0 | |
References
- https://www.suse.com/security/cve/CVE-2016-2847.html
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=759c01142a5d0f364a462346168a56de28a80f52
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
- http://rhn.redhat.com/errata/RHSA-2016-2574.html
- http://rhn.redhat.com/errata/RHSA-2016-2584.html
- http://rhn.redhat.com/errata/RHSA-2017-0217.html
- http://www.debian.org/security/2016/dsa-3503
- http://www.openwall.com/lists/oss-security/2016/03/01/3
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- http://www.securityfocus.com/bid/83870
- http://www.ubuntu.com/usn/USN-2946-1
- http://www.ubuntu.com/usn/USN-2946-2
- http://www.ubuntu.com/usn/USN-2947-1
- http://www.ubuntu.com/usn/USN-2947-2
- http://www.ubuntu.com/usn/USN-2947-3
- http://www.ubuntu.com/usn/USN-2948-1
- http://www.ubuntu.com/usn/USN-2948-2
- http://www.ubuntu.com/usn/USN-2949-1
CWEs
CWE-399
Verify integrity in audit chain (admin only). AS-IS.