cvelist/2016/2xxx/CVE-2016-2143.json

194 lines
8.3 KiB
JSON
Raw Normal View History

2017-10-16 12:31:07 -04:00
{
2023-02-02 16:01:00 +00:00
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
2019-03-18 07:16:20 +00:00
"CVE_data_meta": {
"ID": "CVE-2016-2143",
2023-02-02 16:01:00 +00:00
"ASSIGNER": "secalert@redhat.com",
2019-03-18 07:16:20 +00:00
"STATE": "PUBLIC"
},
2023-02-02 16:01:00 +00:00
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was reported that on s390x, the fork of a process with four page table levels will cause memory corruption with a variety of symptoms. All processes are created with three level page table and a limit of 4TB for the address space. If the parent process has four page table levels with a limit of 8PB, the function that duplicates the address space will try to copy memory areas outside of the address space limit for the child process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
2019-03-18 07:16:20 +00:00
"affects": {
"vendor": {
"vendor_data": [
{
2023-02-02 16:01:00 +00:00
"vendor_name": "Red Hat",
2019-03-18 07:16:20 +00:00
"product": {
"product_data": [
{
2023-02-02 16:01:00 +00:00
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-642.11.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
2019-03-18 07:16:20 +00:00
"version": {
"version_data": [
{
2023-02-02 16:01:00 +00:00
"version_value": "0:3.10.0-327.28.2.el7",
"version_affected": "!"
2019-03-18 07:16:20 +00:00
}
]
}
}
]
2023-02-02 16:01:00 +00:00
}
2019-03-18 07:16:20 +00:00
}
]
}
},
"references": {
"reference_data": [
{
2023-02-02 16:01:00 +00:00
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"url": "http://www.debian.org/security/2016/dsa-3607",
"refsource": "MISC",
"name": "http://www.debian.org/security/2016/dsa-3607"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"url": "http://rhn.redhat.com/errata/RHSA-2016-1539.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2016-1539.html"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"url": "https://access.redhat.com/errata/RHSA-2016:1539",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:1539"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3446c13b268af86391d06611327006b059b8bab1",
"refsource": "MISC",
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3446c13b268af86391d06611327006b059b8bab1"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00019.html"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"url": "http://rhn.redhat.com/errata/RHSA-2016-2766.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2016-2766.html"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"url": "https://access.redhat.com/errata/RHSA-2016:2766",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:2766"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"url": "https://access.redhat.com/security/cve/CVE-2016-2143",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2016-2143"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1308908",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1308908"
},
{
"url": "https://github.com/torvalds/linux/commit/3446c13b268af86391d06611327006b059b8bab1",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/3446c13b268af86391d06611327006b059b8bab1"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2016-2143",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2016-2143"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
2019-03-18 07:16:20 +00:00
},
{
2023-02-02 16:01:00 +00:00
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
2019-03-18 07:16:20 +00:00
}
]
}
}