CVE-2016-2847

Published: Apr 27, 2016Modified: May 6, 2026

6.2

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.5 / Impact: 3.6

Source: NVD

Description

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.

Affected (17)

Products: Linux: Linux Kernel · Novell: Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Desktop, Suse Linux Enterprise Live Patching, Suse Linux Enterprise Module For Public Cloud, Suse Linux Enterprise Real Time Extension, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit, Suse Linux Enterprise Workstation Extension

Linux

1 product

Linux Kernel

Novell

8 products

Suse Linux Enterprise Debuginfo

Suse Linux Enterprise Desktop

Suse Linux Enterprise Live Patching

Suse Linux Enterprise Module For Public Cloud

Suse Linux Enterprise Real Time Extension

Suse Linux Enterprise Server

Suse Linux Enterprise Software Development Kit

Suse Linux Enterprise Workstation Extension

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Up to 4.4.8

Configuration B

16 vulnerable

Vulnerable Software	Affected Versions
Novell Suse Linux Enterprise Debuginfo	Version 11.0 sp4
Novell Suse Linux Enterprise Desktop	Version 12.0
Novell Suse Linux Enterprise Desktop	Version 12.0 sp1
Novell Suse Linux Enterprise Live Patching	Version 12.0
Novell Suse Linux Enterprise Module For Public Cloud	Version 12.0
Novell Suse Linux Enterprise Real Time Extension	Version 11.0 sp4
Novell Suse Linux Enterprise Real Time Extension	Version 12.0 sp1
Novell Suse Linux Enterprise Server	Version 11.0 extra
Novell Suse Linux Enterprise Server	Version 11.0 sp4
Novell Suse Linux Enterprise Server	Version 12.0
Novell Suse Linux Enterprise Server	Version 12.0 sp1
Novell Suse Linux Enterprise Software Development Kit	Version 11.0 sp4
Novell Suse Linux Enterprise Software Development Kit	Version 12.0
Novell Suse Linux Enterprise Software Development Kit	Version 12.0 sp1
Novell Suse Linux Enterprise Workstation Extension	Version 12.0
Novell Suse Linux Enterprise Workstation Extension	Version 12.0 sp1

Related CWEs

CWE-399

References (56)

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=759c01142a5d0f364a462346168a56de28a80f52

Source: secalert@redhat.com

PatchVendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html

Source: secalert@redhat.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2016-2574.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2016-2584.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2017-0217.html

Source: secalert@redhat.com

http://www.debian.org/security/2016/dsa-3503

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2016/03/01/3

Source: secalert@redhat.com

Patch

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

Source: secalert@redhat.com

http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/83870

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2946-1

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2946-2

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2947-1

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2947-2

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2947-3

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2948-1

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2948-2

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2949-1

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2967-1

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2967-2

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=1313428

Source: secalert@redhat.com

Issue Tracking

https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52

Source: secalert@redhat.com

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=759c01142a5d0f364a462346168a56de28a80f52