CVE-2016-9031
CVE-2016-9031
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.8EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
14 dic 2016Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel panic and potentially be leveraged into a full privilege escalation vulnerability. This vulnerability is distinct from CVE-2016-8733.
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Productos afectados
Joyent · SmartOS¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →