CVE-2016-4913
- Source
- https://cve.org/CVERecord?id=CVE-2016-4913
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4913.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-4913
- Downstream
- Related
- Published
- 2016-05-23T10:59:14.723Z
- Modified
- 2026-03-15T22:08:15.096321Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The getrockridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.
- References
-
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html
- http://www.ubuntu.com/usn/USN-3019-1
- http://www.ubuntu.com/usn/USN-3021-1
- http://www.ubuntu.com/usn/USN-3021-2
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html
- http://www.debian.org/security/2016/dsa-3607
- http://www.securityfocus.com/bid/90730
- http://www.ubuntu.com/usn/USN-3016-1
- http://www.ubuntu.com/usn/USN-3016-2
- http://www.ubuntu.com/usn/USN-3016-3
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- http://www.ubuntu.com/usn/USN-3016-4
- http://www.ubuntu.com/usn/USN-3017-3
- http://www.ubuntu.com/usn/USN-3018-2
- http://www.ubuntu.com/usn/USN-3020-1
- https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
- http://www.ubuntu.com/usn/USN-3017-1
- http://www.ubuntu.com/usn/USN-3017-2
- http://www.ubuntu.com/usn/USN-3018-1
- https://access.redhat.com/errata/RHSA-2018:3083
- https://access.redhat.com/errata/RHSA-2018:3096
- https://bugzilla.redhat.com/show_bug.cgi?id=1337528
- http://www.openwall.com/lists/oss-security/2016/05/18/3
- http://www.openwall.com/lists/oss-security/2016/05/18/5
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected4fe89d07dcc2804c8b562f6c7896a45643d34b2fFixed99d825822eade8d827a1817357cbf3f889a552d6
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "6" } ] }
- Type
- GIT
- Repo
- https://github.com/torvalds/linux
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "12.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "14.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "15.10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.2.81"
}
]
},
{
"events": [
{
"introduced": "3.3"
},
{
"fixed": "3.10.102"
}
]
},
{
"events": [
{
"introduced": "3.11"
},
{
"fixed": "3.12.60"
}
]
},
{
"events": [
{
"introduced": "3.13"
},
{
"fixed": "3.14.70"
}
]
},
{
"events": [
{
"introduced": "3.15"
},
{
"fixed": "3.16.36"
}
]
},
{
"events": [
{
"introduced": "3.17"
},
{
"fixed": "3.18.34"
}
]
},
{
"events": [
{
"introduced": "3.19"
},
{
"fixed": "4.1.25"
}
]
},
{
"events": [
{
"introduced": "4.2"
},
{
"fixed": "4.4.11"
}
]
},
{
"events": [
{
"introduced": "4.5"
},
{
"fixed": "4.5.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "11.0-sp4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "11.0-sp4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "11.0-extra"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "11.0-sp4"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4913.json"