High severity7.8NVD Advisory· Published May 23, 2016· Updated May 6, 2026

CVE-2016-4794

Description

Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service (BUG) or possibly have unspecified other impact via crafted use of the mmap and bpf system calls.

Affected products

Canonical/Ubuntu Linux2 versions
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: >=3.18,<3.18.37

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2016/05/12/6nvdExploitMailing ListThird Party Advisory
lkml.org/lkml/2016/4/17/125nvdExploitThird Party Advisory
rhn.redhat.com/errata/RHSA-2016-2574.htmlnvdThird Party Advisory
rhn.redhat.com/errata/RHSA-2016-2584.htmlnvdThird Party Advisory
www.securityfocus.com/bid/90625nvdThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/USN-3053-1nvdThird Party Advisory
www.ubuntu.com/usn/USN-3054-1nvdThird Party Advisory
www.ubuntu.com/usn/USN-3055-1nvdThird Party Advisory
www.ubuntu.com/usn/USN-3056-1nvdThird Party Advisory
www.ubuntu.com/usn/USN-3057-1nvdThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryVDB Entry
source.android.com/security/bulletin/2016-12-01.htmlnvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000