Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-1583

CWE-119 — Buffer Overflow CWE-121 — Stack-based Buffer Overflow32 documents12 sources

Severity

7.8HIGH

EPSS

0.4%

top 41.40%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Linux Linux Kernel Canonical Ubuntu Linux Debian Debian Linux +7 more

Timeline

PublishedJun 27

Latest updateMay 14

Description

The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages9 packages

▶NVDlinux/linux_kernel2.6.19 — 3.18.54+2

▶Debianlinux< 4.6.2-1+3

▶NVDnovell/suse_linux_enterprise_module12

▶NVDnovell/suse_linux_enterprise_server11.0, 12.0+1

▶NVDnovell/suse_linux_enterprise_desktop12.0

Also affects: Debian Linux 8.0, Ubuntu Linux 12.04, 14.04, 15.10, 16.04

🔴Vulnerability Details

GHSA

GHSA-hgx4-cgxm-99gj: The ecryptfs_privileged_open function in fs/ecryptfs/kthread↗2022-05-14

▶

Kernel

Merge tag 'ecryptfs-4.7-rc7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tyhicks/ecryptfs↗2016-07-08

▶

Kernel

ecryptfs: don't allow mmap when the lower fs doesn't support it↗2016-07-05

▶

CVEList

CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread↗2016-06-27

▶

OSV

CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread↗2016-06-27

▶

💥Exploits & PoCs

Exploit-DB

Linux Kernel - 'ecryptfs' '/proc/$pid/environ' Local Privilege Escalation↗2016-06-21

▶

📋Vendor Advisories

Android

CVE-2016-1583: Android Security Bulletin 2016-09-01 CVE: CVE-2016-1583 Severity: HIGH References: A-29444228 Upstream kernel↗2016-09-01

▶

Ubuntu

Linux kernel vulnerabilities↗2016-06-10

▶

Ubuntu

Linux kernel (OMAP4) vulnerabilities↗2016-06-10

▶

Ubuntu

Linux kernel (Xenial HWE) vulnerabilities↗2016-06-10

▶

Ubuntu

Linux kernel vulnerabilities↗2016-06-10

▶

💬Community

Bugzilla

CVE-2016-1583 kernel: Stack overflow via ecryptfs and /proc/$pid/environ [fedora-all]↗2016-06-10

▶

Bugzilla

CVE-2016-1583 kernel: Stack overflow via ecryptfs and /proc/$pid/environ↗2016-06-10

▶