CVE-2016-5243

Impact:
Low
Public Date:
2016-06-03
CWE:
CWE-200
Bugzilla:
1343335: CVE-2016-5243 kernel: Information leak in tipc_nl_compat_link_dump
A leak of information was possible when issuing a netlink command of the stack memory area leading up to this function call. An attacker could use this to determine stack information for use in a later exploit.

Find out more about CVE-2016-5243 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue does not affect Red Hat Enterprise Linux 5,6 or 7 kernels as it does not contain the code that has introduced the flaw.

CVSS v2 metrics

NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.

Base Score 1.9
Base Metrics AV:L/AC:M/Au:N/C:P/I:N/A:N
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Not affected
Red Hat Enterprise Linux 7 kernel-rt Not affected
Red Hat Enterprise Linux 7 kernel Not affected
Red Hat Enterprise Linux 6 kernel Not affected
Red Hat Enterprise Linux 5 kernel Not affected
Last Modified