CVE-2016-6187

HIGH

Linux kernel <4.6.5 - Privilege Escalation

Title source: llm

Description

The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook.

Exploits (3)

exploitdb WORKING POC
by Vitaly Nikolenko · cdoslinux
https://www.exploit-db.com/exploits/44301

nomisec WORKING POC 7 stars
by Milo-D · poc
https://github.com/Milo-D/CVE-2016-6187_LPE

nomisec WORKING POC 5 stars
by vnik5287 · poc
https://github.com/vnik5287/cve-2016-6187-poc

Scores

CVSS v3 7.8
EPSS 0.0783
EPSS Percentile 92.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119 CWE-264
Status published
Products (1)
linux/linux_kernel 4.5 - 4.6.5
Published Aug 06, 2016
Tracked Since Feb 18, 2026