Stack-based buffer overflow in Linux kernel - CVE-2016-8632
Published: April 30, 2017 / Updated: May 30, 2020
Vulnerability identifier: #VU6394
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-8632
CWE-ID: CWE-121
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause kernel panic or escalate privileges.
The vulnerability exists due to a boundary error during minimum bearer MTU check within the tipc_msg_build() function. A local user can set a very short MTU, trigger stack-based buffer overflow and cause kernel panic or execute arbitrary code on the target system with elevated privileges.
Successful exploitation of the vulnerability may allow an attacker to cause kernel panic or escalate privileges on the system.
How to mitigate CVE-2016-8632
Update to version 4.8.14 or 4.4.65.