CVE-2016-4486

LOW

Novell Suse Linux Enterprise Software... - Information Disclosure

Title source: rule

Description

The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.

Exploits (1)

exploitdb WORKING POC

by Jinbum Park · clocallinux

https://www.exploit-db.com/exploits/46006

View Code ZIP pw:eip

References (29)

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html

[Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html

[Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

[Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html

[Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html

[Mailing List] http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html

[Vendor Advisory] http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5

[Third Party Advisory] http://www.ubuntu.com/usn/USN-2989-1

[Third Party Advisory] http://www.ubuntu.com/usn/USN-2996-1

[Third Party Advisory] http://www.ubuntu.com/usn/USN-2997-1

[Third Party Advisory] http://www.ubuntu.com/usn/USN-2998-1

[Third Party Advisory] http://www.ubuntu.com/usn/USN-3000-1

[Third Party Advisory] http://www.ubuntu.com/usn/USN-3001-1

[Third Party Advisory] http://www.ubuntu.com/usn/USN-3002-1

[Third Party Advisory] http://www.ubuntu.com/usn/USN-3003-1

[Third Party Advisory] http://www.ubuntu.com/usn/USN-3004-1

[Third Party Advisory] http://www.ubuntu.com/usn/USN-3005-1

[Third Party Advisory] http://www.ubuntu.com/usn/USN-3006-1

[Third Party Advisory] http://www.ubuntu.com/usn/USN-3007-1

[Issue Tracking, Third Party Advisory, VDB Entry] https://bugzilla.redhat.com/show_bug.cgi?id=1333316

... and 9 more

Scores

CVSS v3 3.3

EPSS 0.0052

EPSS Percentile 66.9%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE

CWE-200

Status published

Products (15)

canonical/ubuntu_linux 12.04

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 15.10

canonical/ubuntu_linux 16.04

linux/linux_kernel < 4.5.4

novell/suse_linux_enterprise_debuginfo 11.0 sp4

novell/suse_linux_enterprise_desktop 12.0 (2 CPE variants)

novell/suse_linux_enterprise_live_patching 12.0

novell/suse_linux_enterprise_module_for_public_cloud 12.0

novell/suse_linux_enterprise_real_time_extension 12.0 sp1

... and 5 more

Published May 23, 2016

Tracked Since Feb 18, 2026