VYPR
Medium severity6.5NVD Advisory· Published Apr 4, 2017· Updated Jun 17, 2026

CVE-2016-10318

CVE-2016-10318

Description

A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel before 4.7.4 allows a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Linux/Kernel2 versions
    cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=4.7.3
    • (no CPE)range: <4.7.4

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.