Race condition in Oracle VM Server for x86 and Oracle Linux - CVE-2016-6136
Published: September 7, 2016 / Updated: April 26, 2017
Vulnerability identifier: #VU358
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-6136
CWE-ID: CWE-362
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Oracle
Affected software:
Oracle VM Server for x86
Oracle Linux
Oracle VM Server for x86
Oracle Linux
Detailed vulnerability description
The vulnerability allows local users to interrupt system-call auditing.
The vulnerability exists due to parafunction of audit_log_single_execve_arg. By altering "double fetch" vulnerability, a local user can bypass set limitations and interrupt system-call auditing.
Successful exploitation of this vulnerability will allow an attacker to interrupt system-call auditing and perform a race condition.
How to mitigate CVE-2016-6136
Sources
- http://www.securityfocus.com/archive/1/538835/30/0/threaded
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=43761473c254b45883a64441dd0bc85a42f3645c
- https://bugzilla.kernel.org/show_bug.cgi?id=120681
- https://bugzilla.redhat.com/show_bug.cgi?id=1353533
- https://github.com/linux-audit/audit-kernel/issues/18
- https://github.com/torvalds/linux/commit/43761473c254b45883a64441dd0bc85a42f3645c
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html