CVE-2016-9313

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-9313
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9313.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-9313
Downstream
Published
2016-11-28T03:59:15.033Z
Modified
2026-02-26T00:59:13.984393Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

security/keys/bigkey.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial of service (NULL pointer dereference and panic) or possibly have unspecified other impact via a crafted application that uses the bigkey data type.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb
Introduced
523d939ef98fd712632d93a5a2b588e477a7565e
Fixed
7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb

Affected versions

v4.*
v4.7
v4.8
v4.8-rc1
v4.8-rc2
v4.8-rc3
v4.8-rc4
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9-rc1
v4.9-rc2

Database specific

vanir_signatures 
[
    {
        "id": "CVE-2016-9313-3c1e52ae",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "81961107586973759414839115316814780505",
                "95976531997163851681741158784479280279",
                "322769823317178956638707875905578696935",
                "45262072562213167008798074692652417177",
                "280906059959398509338269535399291830469",
                "221986018945703191400708026664574901233",
                "17320199384896055535754492196118927558",
                "220109775914964375029887465115489403624",
                "295202056149282362233354476183017719962",
                "169411335824192338170519066399294932435",
                "69980011135571153883587341264812990263",
                "204191980268247354321626922115730433913",
                "125027407001675010898934207864962568190",
                "16931406369001065856439209769752026977",
                "154242523901974002652617471097856788862",
                "228521453950138552258285669925885337536",
                "60351803644089020764079332535012155265",
                "191451956597887744179535740184386459549",
                "63321455562050033189028327630440668564",
                "297736978071231796935617497885102821747",
                "256750205339259967045466689280590873174",
                "284107363163947468544132846715388092658",
                "149305829732287542844237236140504551940",
                "262912513857698880085375958295575481180",
                "298547645254847263980824094837445003494",
                "183693672516269316094658132454770036251",
                "29694638383532299178231560723585764719",
                "261612940624859687041293995048823227337",
                "248426957543608221510060629040955574890"
            ]
        },
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb",
        "signature_type": "Line",
        "target": {
            "file": "security/keys/big_key.c"
        }
    },
    {
        "id": "CVE-2016-9313-55cd9dc4",
        "signature_version": "v1",
        "digest": {
            "function_hash": "191598971049056726199210563640016084250",
            "length": 76.0
        },
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb",
        "signature_type": "Function",
        "target": {
            "file": "security/keys/big_key.c",
            "function": "big_key_init"
        }
    },
    {
        "id": "CVE-2016-9313-cdcc6450",
        "signature_version": "v1",
        "digest": {
            "function_hash": "212087865944941353260850328740026185312",
            "length": 529.0
        },
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb",
        "signature_type": "Function",
        "target": {
            "file": "security/keys/big_key.c",
            "function": "big_key_crypto_init"
        }
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-9313.json"