CVE-2016-2856
First published: Mon Mar 14 2016(Updated: )
pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10 lacks a namespace check associated with file-descriptor passing, which allows local users to capture keystrokes and spoof data, and possibly gain privileges, via pts read and write operations, related to debian/sysdeps/linux.mk. NOTE: this is not considered a vulnerability in the upstream GNU C Library because the upstream documentation has a clear security recommendation against the --enable-pt_chown option.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ubuntu Linux | =12.04 | |
| Ubuntu Linux | =14.04 | |
| Ubuntu Linux | =15.10 | |
| Debian GNU/Linux | =8.0 | |
| GNU C Library (glibc) | <=2.18 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie&id=09f7764882a81e13e7b5d87d715412283a6ce403
- http://anonscm.debian.org/cgit/pkg-glibc/glibc.git/commit/?h=jessie&id=11475c083282c1582c4dd72eecfcb2b7d308c958
- http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2856.html
- http://www.halfdog.net/Security/2015/PtChownArbitraryPtsAccessViaUserNamespace/
- http://www.openwall.com/lists/oss-security/2016/02/23/3
- http://www.openwall.com/lists/oss-security/2016/03/07/2
- http://www.securityfocus.com/bid/84601
- http://www.ubuntu.com/usn/USN-2985-1
- http://www.ubuntu.com/usn/USN-2985-2
Frequently Asked Questions
What is the severity of CVE-2016-2856?
CVE-2016-2856 has a medium severity rating, indicating potential impact on system integrity.
How do I fix CVE-2016-2856?
To fix CVE-2016-2856, update the glibc package to the latest version available for your distribution.
Which systems are affected by CVE-2016-2856?
CVE-2016-2856 affects Debian Jessie and specific Ubuntu versions including 12.04 LTS, 14.04 LTS, 15.10, and 16.04 LTS.
What components are impacted by CVE-2016-2856?
The vulnerability impacts the 'pt_chown' component within the glibc package.
Can CVE-2016-2856 be exploited remotely?
CVE-2016-2856 requires local access for exploitation, making it less likely to be exploited by remote attackers.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/12.04
- version/ubuntu linux/14.04
- version/ubuntu linux/15.10
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/8.0
- vendor/gnu
- canonical/gnu c library (glibc)
- version/gnu c library (glibc)/2.18