Vulnerability Details : CVE-2016-6241
Integer overflow in the amap_alloc1 function in OpenBSD 5.8 and 5.9 allows local users to execute arbitrary code with kernel privileges via a large size value.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2016-6241
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-6241
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2016-6241
-
The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-6241
-
http://www.openwall.com/lists/oss-security/2016/07/14/5
oss-security - Multiple Bugs in OpenBSD KernelMailing List;Third Party Advisory
-
http://www.openbsd.org/errata59.html
OpenBSD 5.9 ErrataRelease Notes
-
http://www.openbsd.org/errata58.html
OpenBSD 5.8 ErrataRelease Notes
-
http://www.securityfocus.com/bid/91805
OpenBSD Multiple Memory Corruption and Denial of Service Vulnerabilities
-
http://www.openwall.com/lists/oss-security/2016/07/17/7
oss-security - Re: Multiple Bugs in OpenBSD KernelExploit;Mailing List;Third Party Advisory
-
http://www.securitytracker.com/id/1036318
OpenBSD sys_mmap() Resource Bug Lets Local Users Cause Denial of Service Conditions on the Target System - SecurityTracker
Products affected by CVE-2016-6241
- cpe:2.3:o:openbsd:openbsd:5.9:*:*:*:*:*:*:*
- cpe:2.3:o:openbsd:openbsd:5.8:*:*:*:*:*:*:*