CVE-2016-2069

HIGH

Linux Kernel < 4.4 - Race Condition in TLB Paging Structure Access

Title source: llm
STIX 2.1

Description

Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU.

References (22)

Core 22
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/81809
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2967-1
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/01/25/1
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2016/dsa-3503
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2967-2
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2016-2584.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2016-2574.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2017-0817.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2932-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2989-1
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1301893
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2931-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2998-1

Scores

CVSS v3 7.4
EPSS 0.0032
EPSS Percentile 23.5%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-362
Status published
Products (3)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
linux/linux_kernel < 4.4
Published Apr 27, 2016
Tracked Since Feb 18, 2026