High severity7.8NVD Advisory· Published May 23, 2016· Updated May 6, 2026
CVE-2016-4913
CVE-2016-4913
Description
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.
Affected products
10cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*
- cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11.0:sp4:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:extra:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:extra:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
27- www.openwall.com/lists/oss-security/2016/05/18/3nvdMailing ListPatchThird Party Advisory
- www.openwall.com/lists/oss-security/2016/05/18/5nvdMailing ListPatchThird Party Advisory
- git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.htmlnvdMailing ListThird Party Advisory
- www.debian.org/security/2016/dsa-3607nvdThird Party Advisory
- www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5nvdVendor Advisory
- www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.htmlnvdThird Party Advisory
- www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/90730nvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-3016-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3016-2nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3016-3nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3016-4nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3017-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3017-2nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3017-3nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3018-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3018-2nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3019-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3020-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3021-1nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3021-2nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:3083nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:3096nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryVDB Entry
- github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6nvdVendor Advisory
News mentions
0No linked articles in our index yet.