Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-2856 — Glibc vulnerability

CWE-2649 documents6 sources

Severity

8.4HIGHNVD

OSV2.6

EPSS

0.7%

top 28.32%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

GNU Glibc Eglibc Debian Glibc +2 more

Timeline

PublishedMar 14

Latest updateMay 17

Description

pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to…

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.5 | Impact: 5.9

Affected Packages3 packages

▶debiandebian/glibc< glibc 2.21-1 (bookworm)

▶Debiangnu/glibc< 2.21-1+3

▶Ubuntueglibc/eglibc< 2.19-0ubuntu6.8+1

Also affects: Ubuntu Linux 12.04, 14.04, 15.10, Debian Linux 8.0

🔴Vulnerability Details

GHSA

GHSA-2wf2-64hh-9h2m: pt_chown in the glibc package before 2↗2022-05-17

▶

OSV

eglibc, glibc regression↗2016-05-26

▶

OSV

eglibc, glibc vulnerabilities↗2016-05-25

▶

OSV

CVE-2016-2856: pt_chown in the glibc package before 2↗2016-03-14

▶

💥Exploits & PoCs

Exploit-DB

Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation↗2016-02-22

▶

📋Vendor Advisories

Ubuntu

GNU C Library regression↗2016-05-26

▶

Ubuntu

GNU C Library vulnerabilities↗2016-05-25

▶

Debian

CVE-2016-2856: glibc - pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc ...↗2016

▶