Medium severity5.5NVD Advisory· Published Jun 27, 2016· Updated May 6, 2026

CVE-2016-5243

Description

The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

patchwork.ozlabs.org/patch/629100/nvdPatch
git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdVendor Advisory
github.com/torvalds/linux/commit/5d2be1422e02ccd697ccfcd45c85b4a26e6178e2nvdVendor Advisory
www.debian.org/security/2016/dsa-3607nvd
www.openwall.com/lists/oss-security/2016/06/03/4nvd
www.securityfocus.com/bid/91334nvd
www.ubuntu.com/usn/USN-3049-1nvd
www.ubuntu.com/usn/USN-3050-1nvd
www.ubuntu.com/usn/USN-3051-1nvd
www.ubuntu.com/usn/USN-3052-1nvd
www.ubuntu.com/usn/USN-3053-1nvd
www.ubuntu.com/usn/USN-3054-1nvd
www.ubuntu.com/usn/USN-3055-1nvd
www.ubuntu.com/usn/USN-3056-1nvd
www.ubuntu.com/usn/USN-3057-1nvd
bugzilla.redhat.com/show_bug.cginvd

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000