CVE-2016-4565 : The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relie

The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

Published 2016-05-23 10:59:06

Updated 2025-04-12 10:46:41

Source Debian GNU/Linux

View at NVD, CVE.org

Vulnerability category: Denial of service

Products affected by CVE-2016-4565

Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.2 and before (<) 4.4.9
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.3 and before (<) 3.10.103
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.5 and before (<) 4.5.3
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.11 and before (<) 3.12.61
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.15 and before (<) 3.16.36
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.19 and before (<) 4.1.25
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions before (<) 3.2.81
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.17 and before (<) 3.18.34
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 3.13 and before (<) 3.14.76
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 15.10
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 16.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-4565

EPSS FAQ

0.27%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 50 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-4565

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2016-4565

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-4565

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html

[security-announce] SUSE-SU-2016:1961-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2016:1301

RHSA-2016:1301 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3019-1

USN-3019-1: Linux kernel (Utopic HWE) vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3005-1

USN-3005-1: Linux kernel (Xenial HWE) vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2016:1341

RHSA-2016:1341 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-1581.html

RHSA-2016:1581 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/05/07/1

oss-security - CVE Request: Linux: IB/security: Restrict use of the write() interface'
Mailing List;Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html

[security-announce] SUSE-SU-2016:2006-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-1617.html

RHSA-2016:1617 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html

[security-announce] SUSE-SU-2016:2000-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html

[security-announce] SUSE-SU-2016:2005-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/90301

Linux Kernel CVE-2016-4565 Local Security Bypass Vulnerability
Third Party Advisory;VDB Entry
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html

[security-announce] SUSE-SU-2016:2003-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3

kernel/git/torvalds/linux.git - Linux kernel source tree
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html

[security-announce] SUSE-SU-2016:1672-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3

Vendor Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html

[security-announce] SUSE-SU-2016:2014-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3001-1

USN-3001-1: Linux kernel (Vivid HWE) vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

[security-announce] SUSE-SU-2016:1690-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3

IB/security: Restrict use of the write() interface · torvalds/linux@e6bd18f · GitHub
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html

[security-announce] SUSE-SU-2016:2001-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html

[security-announce] SUSE-SU-2016:1937-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Oracle Linux Bulletin - April 2016
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3007-1

USN-3007-1: Linux kernel (Raspberry Pi 2) vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html

[security-announce] openSUSE-SU-2016:1641-1: important: Security update
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html

[security-announce] SUSE-SU-2016:2010-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3002-1

USN-3002-1: Linux kernel (Wily HWE) vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html

[security-announce] SUSE-SU-2016:1995-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
https://bugzilla.redhat.com/show_bug.cgi?id=1310570

1310570 – (CVE-2016-4565) CVE-2016-4565 kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko
Issue Tracking;Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html

[security-announce] SUSE-SU-2016:2002-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3021-1

USN-3021-1: Linux kernel vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2016:1406

RHSA-2016:1406 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
http://www.ubuntu.com/usn/USN-3021-2

USN-3021-2: Linux kernel (OMAP4) vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html

[security-announce] SUSE-SU-2016:2007-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3003-1

USN-3003-1: Linux kernel vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html

[security-announce] SUSE-SU-2016:2105-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3018-1

USN-3018-1: Linux kernel vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html

[security-announce] SUSE-SU-2016:1985-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-1814.html

RHSA-2016:1814 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html

[security-announce] SUSE-SU-2016:1994-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html

[security-announce] SUSE-SU-2016:2009-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Oracle VM Server for x86 Bulletin - July 2016
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html

[security-announce] openSUSE-SU-2016:2184-1: important: Security update
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3004-1

USN-3004-1: Linux kernel (Raspberry Pi 2) vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3006-1

USN-3006-1: Linux kernel vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://www.debian.org/security/2016/dsa-3607

Debian -- Security Information -- DSA-3607-1 linux
Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-1640.html

RHSA-2016:1640 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1489.html

RHSA-2016:1489 - Security Advisory - Red Hat Customer Portal
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html

[security-announce] SUSE-SU-2016:2011-1: important: Security update for
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

Oracle Linux Bulletin - July 2016
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2016:1277

RHSA-2016:1277 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3018-2

USN-3018-2: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-1657.html

RHSA-2016:1657 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2016-4565

Products affected by CVE-2016-4565

Exploit prediction scoring system (EPSS) score for CVE-2016-4565

CVSS scores for CVE-2016-4565

CWE ids for CVE-2016-4565

References for CVE-2016-4565