CVE-2016-3695 in Linux
Summary
by MITRE
The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelevel is set.
Analysis
by VulDB Data Team • 01/19/2023
CVE-2016-3695 resides in the Linux kernel's ACPI Platform Error Interface (APEI) subsystem, specifically in the einj_error_inject function in drivers/acpi/apei/einj.c. The flaw lets local attackers simulate hardware errors through the Error Injection (EINJ) interface, which can lead to a system-wide denial of service. It manifests because the kernel fails to disable APEI error injection when securelevel is set, leaving an exploitable path to privilege escalation and system instability.
Technically, the vulnerability stems from inadequate access controls and validation in the ACPI error injection framework. When the securelevel parameter is set, the kernel should refuse error injection requests so that hardware error simulation cannot be used to undermine the hardened state. The einj_error_inject function, however, does not check securelevel before performing the injection, so local users can bypass that security boundary and inject synthetic hardware errors. This violates the principle of least privilege and creates an attack surface that can be used to disrupt system operation.
From an operational perspective, the vulnerability is a significant threat to system availability and stability. Local users can trigger hardware error injection sequences that may cause kernel panics, system crashes, or other denial of service conditions. The attack vector is particularly concerning because it requires only local access and does not need network connectivity or privileges beyond a standard user account. The potential for persistent disruption makes this vulnerability especially dangerous in production environments where reliability is paramount.
The vulnerability is classified under CWE-284 (Improper Access Control) and CWE-362 (Concurrent Execution using Shared Resource with Improper Synchronization), reflecting both the access control failure and improper resource management within the kernel's error injection subsystem. In ATT&CK terms it maps to T1068 (Local Privilege Escalation) and T1499 (Endpoint Denial of Service), since attackers can use it to destabilize the system and potentially elevate privileges through crafted error injection sequences.
Mitigation for CVE-2016-3695 should start with updating to a kernel version that carries the fix, which disables APEI error injection while securelevel is active. System administrators should also restrict access to the ACPI error injection interfaces and monitor for unusual error injection activity. Further protective measures include disabling error injection capabilities that production systems do not need and logging injection attempts so that unauthorized use can be detected. The vulnerability underscores the importance of comprehensive kernel security testing and proper validation of access controls in critical system subsystems.
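As an added defensive check, not part of the VulDB analysis, the script below reports whether the EINJ interface is reachable on a host and whether a securelevel or kernel lockdown state is active. It assumes the mainline debugfs location /sys/kernel/debug/apei/einj and the securityfs files securelevel (securelevel-patched kernels) and lockdown (mainline lockdown); the ROOT argument lets it run against a constructed directory tree for testing.

```shell
#!/bin/sh
# Exposure check for CVE-2016-3695: is the APEI EINJ debugfs interface
# present, and is the kernel in a securelevel/lockdown state where a fixed
# kernel refuses injection?  Assumed paths (mainline kernel, debugfs mounted
# at /sys/kernel/debug); pass "/" for a live host or a test tree root.

# Prints one of: absent, present-locked, exposed.
einj_status() {
    root="${1%/}"
    einj_dir="$root/sys/kernel/debug/apei/einj"
    securelevel="$root/sys/kernel/security/securelevel"
    lockdown="$root/sys/kernel/security/lockdown"

    # error_inject exists only when the einj module is loaded (or built in)
    # and the firmware provides an ACPI EINJ table.
    if [ ! -e "$einj_dir/error_inject" ]; then
        echo absent
        return 0
    fi

    # securelevel-patched kernels expose "1" here when enforcing.
    if [ -r "$securelevel" ] && grep -qx 1 "$securelevel"; then
        echo present-locked
        return 0
    fi

    # Mainline lockdown marks the active mode in brackets, e.g.
    # "none [integrity] confidentiality".
    if [ -r "$lockdown" ] && grep -Eq '\[(integrity|confidentiality)\]' "$lockdown"; then
        echo present-locked
        return 0
    fi

    echo exposed
}

# Hardening hint for hosts that do not need error injection: keep the
# module from loading at all (install into /etc/modprobe.d/).
einj_blacklist_conf() {
    echo "blacklist einj"
    echo "install einj /bin/false"
}

einj_status "${1:-/}"
```

A result of exposed means the injection knobs are reachable and no securelevel or lockdown state is reported, so the host should be patched or the module blacklisted with the printed modprobe configuration.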