Home CVE Database CVE-2016-3707

CVE-2016-3707

Description

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

Priority: MEDIUM
CVSS v3: 8.1
Publish Date: Jun 27, 2016
Related ID: --
CVSS v2: High
Modified Date: Jun 27, 2016

Find out more about CVE-2016-3707 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Product Name Status Defect Fixed Downloads
Linux
Wind River Linux LTS 17 Not Vulnerable -- -- --
Wind River Linux 8 Fixed LIN8-4070
8.0.0.8 --
Wind River Linux 9 Not Vulnerable -- -- --
Wind River Linux 7 Fixed -- 7.0.0.18 --
Wind River Linux LTS 21 Not Vulnerable -- -- --
Wind River Linux LTS 18 Not Vulnerable -- -- --
Wind River Linux LTS 19 Not Vulnerable -- -- --
Wind River Linux CD release Not Vulnerable -- -- --
VxWorks
VxWorks 7 Not Vulnerable -- -- --
VxWorks 6.9 Not Vulnerable -- -- --

Related Products

Product Name Status Defect Fixed Downloads

Comments

linux

Live chat
Online