CVE-2016-3699
Low
CVSS Score
Vulnerability Description
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.
Known Affected Software
3 configuration(s) from 2 vendor(s)
- linux_kernel; Version: -; CPE: cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
- enterprise_mrg; Version: 2.0; CPE: cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*
- linux; Version: 7.2; CPE: cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*
This vulnerability affects 3 software configuration(s). Ensure you patch all affected systems.
References & Resources
- http://rhn.redhat.com/errata/RHSA-2016-2574.html (source: secalert@redhat.com)
- http://rhn.redhat.com/errata/RHSA-2016-2584.html (source: secalert@redhat.com)
- http://www.openwall.com/lists/oss-security/2016/09/22/4 (source: secalert@redhat.com; Third Party Advisory)
- http://www.securityfocus.com/bid/93114 (source: secalert@redhat.com; Broken Link)
- https://bugzilla.redhat.com/show_bug.cgi?id=1329653 (source: secalert@redhat.com; Issue Tracking, Patch, Third Party Advisory, VDB Entry)
- https://github.com/mjg59/linux/commit/a4a5ed2835e8ea042868b7401dced3f517cafa76 (source: secalert@redhat.com; Exploit)
Severity Details
out of 10.0
Low
Key Information
- Published Date: October 07, 2016
