CVE-2016-7425 in Kernelinfo

Summary

The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

09/09/2016

Disclosure

10/16/2016

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
92734Linux Kernel arcmsr_hba.c arcmsr_iop_message_xfer memory corruption119Not definedOfficial fixCVE-2016-7425

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!