High severity7.8NVD Advisory· Published Feb 13, 2017· Updated Jun 17, 2026
CVE-2016-2568
CVE-2016-2568
Description
pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5- www.openwall.com/lists/oss-security/2016/02/26/3nvdMailing ListThird Party Advisory
- access.redhat.com/security/cve/cve-2016-2568nvdThird Party Advisory
- bugs.debian.org/cgi-bin/bugreport.cginvdMailing ListThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- ubuntu.com/security/CVE-2016-2568nvdThird Party Advisory
News mentions
0No linked articles in our index yet.