Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2016-0728

Published

8 years ago

Last Modified

1 year ago

CVSSv2.0 Severity

High

CVSSv3.1 Severity

High

Impact Analysis

The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands..

CVSSv2.0 Score

Severity: High
Base Score: 7.2/10
Exploit Score: 3.9/10
Access Vector: Local
Access Complexity: Low
Authentication Required: None
Impact Score: 10/10
Confidentiality Impact: Complete
Availability Impact: Complete
Integrity Impact: Complete

CVSSv3.1 Score

Severity: High
Base Score: 7.8/10
Exploit Score: 1.8/10
Access Vector: Local
Access Complexity: Low
Privileges Required: Low
Impact Score: 5.9/10
Confidentiality Impact: High
Availability Impact: High
Integrity Impact: High
Scope: Unchanged
User Interaction: None

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:o:google:android:5.1.0:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.2:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.1:::::::*	Yes	-	-
cpe:2.3:o:google:android:5.0.2:::::::*	Yes	-	-
cpe:2.3:o:google:android:6.0.1:::::::*	Yes	-	-
cpe:2.3:o:google:android:6.0:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.0.2:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.4.3:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.0.4:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.3:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.0.1:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.2.1:::::::*	Yes	-	-
cpe:2.3:o:google:android:5.0.1:::::::*	Yes	-	-
cpe:2.3:o:google:android:5.0:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.0.3:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.0:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.4:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.4.1:::::::*	Yes	-	-
cpe:2.3:o:google:android:5.1.1:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.2.2:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.3.1:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.4.2:::::::*	Yes	-	-
cpe:2.3:o:google:android:5.1:::::::*	Yes	-	-
cpe:2.3:o:google:android:4.1.2:::::::*	Yes	-	-
cpe:2.3:a:hp:server_migration_pack::::::::	Yes	-	-
cpe:2.3:o:linux:linux_kernel::::::::	Yes	3.15	3.16.35
cpe:2.3:o:linux:linux_kernel::::::::	Yes	3.11	3.12.53
cpe:2.3:o:linux:linux_kernel::::::::	Yes	3.8	3.10.95
cpe:2.3:o:linux:linux_kernel::::::::	Yes	3.13	3.14.59
cpe:2.3:o:linux:linux_kernel::::::::	Yes	3.17	3.18.26
cpe:2.3:o:linux:linux_kernel::::::::	Yes	3.19	4.1.16
cpe:2.3:o:linux:linux_kernel::::::::	Yes	4.2	4.3.4
cpe:2.3:o:linux:linux_kernel::::::::	Yes	4.4	4.4.1
cpe:2.3:o:debian:debian_linux:8.0:::::::*	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::	Yes	-	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2016-0728

Published

Last Modified

CVSSv2.0 Severity

CVSSv3.1 Severity

Impact Analysis

Share

CVSSv2.0 Score

CVSSv3.1 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2016-0728

CVE information

Published

Last Modified

CVSSv2.0 Severity

CVSSv3.1 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

CVSSv3.1 Score

Products Affected

References