CVE-2016-4805

CWE-416Use After Free11 documents9 sources
Severity
7.8HIGH
EPSS
0.1%
top 65.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
12
Linux Linux KernelCanonical Ubuntu LinuxNovell Opensuse Leap+9 more
Timeline
PublishedMay 23
Latest updateMay 13

Description

Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages11 packages

NVDlinux/linux_kernel2.6.303.2.80+8
Debianlinux< 4.5.2-1+3

Also affects: Ubuntu Linux 12.04, Enterprise Linux 6.0, 7.0

Patches

Patch: git.kernel.orgPatch: www.openwall.comPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-jwg9-q35h-9vwx: Use-after-free vulnerability in drivers/net/ppp/ppp_generic2022-05-13
CVEList
CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic2016-05-23
OSV
CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic2016-05-23

📋Vendor Advisories

5
Android
CVE-2016-4805: Android Security Bulletin 2016-09-01 CVE: CVE-2016-4805 Severity: HIGH References: A-28979703 Upstream kernel2016-09-01
Ubuntu
Linux kernel vulnerabilities2016-06-27
Ubuntu
Linux kernel (OMAP4) vulnerabilities2016-06-27
Red Hat
kernel: Use after free vulnerability in ppp_unregister_channel2016-03-16
Debian
CVE-2016-4805: linux - Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kerne...2016

💬Community

2
Bugzilla
CVE-2016-4805 kernel: Use after free vulnerability in ppp_unregister_channel2016-05-13
Bugzilla
CVE-2016-4805 kernel: Use after free vulnerability in ppp_unregister_channel [fedora-all]2016-05-13