Denial of Service and System Crash Vulnerability in Linux Kernel on PowerPC Platforms

Denial of Service and System Crash Vulnerability in Linux Kernel on PowerPC Platforms

CVE-2016-5828 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.