NULL pointer dereference and OOPS vulnerability in Linux kernel mount propagation tree traversal

NULL pointer dereference and OOPS vulnerability in Linux kernel mount propagation tree traversal

CVE-2016-4581 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.