CVE-2016-0758 - OpenCVE

Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Enterprise Linux Server Enterprise Linux Server Eus Enterprise Linux Desktop Enterprise Linux Hpc Node Eus Enterprise Linux Workstation Enterprise Linux Hpc Node Enterprise Linux Server Aus
Canonical	Ubuntu Linux
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

Configuration 2 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Configuration 3 [-]

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

References

Link	Resource
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa	Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1033.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1051.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1055.html	Third Party Advisory
http://source.android.com/security/bulletin/2016-10-01.html	Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/05/12/9	Mailing List Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	Third Party Advisory
http://www.securityfocus.com/bid/90626	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2979-4	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1300257	Issue Tracking Third Party Advisory
https://github.com/torvalds/linux/commit/23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa	Third Party Advisory
https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158555	Third Party Advisory