CVE-2016-3707

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

Published: Jun 27, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-3707
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.1
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
linux / linux_kernel-rt	-	3.10.0.x
redhat / enterprise_linux_for_real_time	7	7.x
redhat / enterprise_linux_for_real_time_for_nfv	7	7.x
novell / suse_linux_enterprise_real_time_extension	12.0-sp1	12.0-sp1.x

Vulnerability Database

289,697

CVE-2016-3707