CVE-2016-9083
- Source
- https://cve.org/CVERecord?id=CVE-2016-9083
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9083.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-9083
- Downstream
- Related
- Published
- 2016-11-28T03:59:11.033Z
- Modified
- 2026-02-14T00:27:50.884810Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
drivers/vfio/pci/vfiopci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIODEVICESETIRQS ioctl call, aka a "state machine confusion bug."
- References
-
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a
- http://rhn.redhat.com/errata/RHSA-2017-0386.html
- http://rhn.redhat.com/errata/RHSA-2017-0387.html
- http://www.openwall.com/lists/oss-security/2016/10/26/11
- http://www.securityfocus.com/bid/93929
- https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a
- https://patchwork.kernel.org/patch/9373631/
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a
- https://bugzilla.redhat.com/show_bug.cgi?id=1389258
- https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=05692d7005a364add85c6e25a6c4447ce08f913a
- https://github.com/torvalds/linux/commit/05692d7005a364add85c6e25a6c4447ce08f913a
- https://patchwork.kernel.org/patch/9373631/
- http://www.openwall.com/lists/oss-security/2016/10/26/11
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed05692d7005a364add85c6e25a6c4447ce08f913aIntroducedb562e44f507e863c6792946e4e1b1449fbbac85dFixed69973b830859bc6529a7a0468ba0d80ee5117826
Affected versions
v4.*
v4.5
v4.6
v4.6-rc1
v4.6-rc2
v4.6-rc3
v4.6-rc4
v4.6-rc5
v4.6-rc6
v4.6-rc7
v4.7
v4.7-rc1
v4.7-rc2
v4.7-rc3
v4.7-rc4
v4.7-rc5
v4.7-rc6
v4.7-rc7
v4.8
v4.8-rc1
v4.8-rc2
v4.8-rc3
v4.8-rc4
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9-rc1
v4.9-rc2
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9083.json"
vanir_signatures
[
{
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@05692d7005a364add85c6e25a6c4447ce08f913a",
"digest": {
"line_hashes": [
"219380740422457204544473623772003958245",
"264599558525306533415723522511465936498",
"27393989900155516086247585001194023980",
"327269645043652522027574648987274622462"
],
"threshold": 0.9
},
"id": "CVE-2016-9083-0293ff61",
"deprecated": false,
"target": {
"file": "drivers/vfio/pci/vfio_pci_intrs.c"
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@05692d7005a364add85c6e25a6c4447ce08f913a",
"digest": {
"function_hash": "307791481686725862069246917818311480514",
"length": 654.0
},
"id": "CVE-2016-9083-07a63035",
"deprecated": false,
"target": {
"file": "drivers/vfio/pci/vfio_pci_intrs.c",
"function": "vfio_msi_enable"
}
},
{
"signature_type": "Function",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@05692d7005a364add85c6e25a6c4447ce08f913a",
"digest": {
"function_hash": "85887424076481087351986022807036792898",
"length": 7915.0
},
"id": "CVE-2016-9083-17cc42f7",
"deprecated": false,
"target": {
"file": "drivers/vfio/pci/vfio_pci.c",
"function": "vfio_pci_ioctl"
}
},
{
"signature_type": "Line",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@05692d7005a364add85c6e25a6c4447ce08f913a",
"digest": {
"line_hashes": [
"233260825154470081430059614618351995287",
"280843295728363834628003148800973214550",
"72497988581435961034247026414548120732",
"88129304035963681060668758695708880675",
"33519468663533814488268269382413880782",
"195120568887590806256321997632376757305",
"323824813005457054862480484044171985171",
"9900658456361510760113624994001252683",
"323044706926447940371288834504637100725",
"6565626423960224473290161098189212154",
"156837437531890599886589822764534593517",
"21591182734682821016621723534852300164",
"277936980605261843110981516083420692373",
"69507979302654280050078286082043682215",
"332268600892101297100043647693620448445",
"322294407180563505448855248124514433351",
"45000894389753077072631052964878864562",
"5486993693929673239160777881162393578",
"235475058954547892111289184096102294934",
"60327917198922362581557884175310992360",
"102987212665911380411713584641982584937",
"173923191456440802749490327528982108073",
"225391970030866028378591465724642129611",
"147695036662967060786683405307067804519"
],
"threshold": 0.9
},
"id": "CVE-2016-9083-a8374e32",
"deprecated": false,
"target": {
"file": "drivers/vfio/pci/vfio_pci.c"
}
}
]