#VU28383 Permissions, Privileges, and Access Controls in Linux kernel - CVE-2016-7489

Cybersecurity Help s.r.o.

Published: 2016-11-10 | Updated: 2020-06-01

Vulnerability identifier: #VU28383

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2016-7489

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Teradata Virtual Machine Community Edition v15.10's perl script /opt/teradata/gsctools/bin/t2a.pl creates files in /tmp in an insecure manner, this may lead to elevated code execution.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: 4.4 - 4.4.165, 4.9 - 4.9.141, 4.14 - 4.14.84

External links
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.85
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.166
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.142

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Permissions, Privileges, and Access Controls in Linux kernel