VDB
CVE-2016-3699
CVE-2016-3699
PUBLISHED
Reported by redhat · Published October 7, 2016
The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| chainguard | linux-qemu-melange | 0, 0, 0 |
| chainguard | linux-aws-6.18 | *, *, * |
| chainguard | linux | *, *, * |
| chainguard | linux-qemu-rc | *, *, * |
| chainguard | linux-azure-6.18 | *, *, * |
| chainguard | linux-gcp-6.18 | *, *, * |
| chainguard | linux-qemu-generic | *, *, * |
| chainguard | linux-azure-generic | *, *, * |
| chainguard | linux-vmware-6.12 | 0, 0, 0 |
| chainguard | linux-gcp-6.12 | *, *, * |
| n/a | n/a | n/a, n/a |
| chainguard | linux-vmware-generic | *, *, * |
| chainguard | linux-qemu-6.18 | 0, 0, 0 |
| chainguard | linux-aws-generic | *, *, * |
| chainguard | linux-qemu-6.12 | 0, 0, 0 |
| chainguard | linux-aws-6.12 | *, *, * |
| chainguard | linux-vmware-6.18 | 0, 0, 0 |
| chainguard | linux-gcp-generic | *, *, * |
| chainguard | linux-azure-6.12 | *, *, * |
Exploit Intelligence
Timeline
- Oct 7, 2016 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- x_refsource_CONFIRM
- x_refsource_MISC
- [oss-security] 20160922 kernel: ACPI table override is allowed when securelevel is enabled mailing-listx_refsource_MLIST
- RHSA-2016:2584 vendor-advisoryx_refsource_REDHAT
- RHSA-2016:2574 vendor-advisoryx_refsource_REDHAT
- 93114 vdb-entryx_refsource_BID