CVE-2016-10905
- Source
- https://cve.org/CVERecord?id=CVE-2016-10905
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10905.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-10905
- Downstream
- Related
- Published
- 2019-08-19T02:15:09.717Z
- Modified
- 2026-02-24T11:07:45.233275Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2clearrgrpd and readrindexentry.
- References
-
- https://support.f5.com/csp/article/K31332013?utm_source=f5support&%3Butm_medium=RSS
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36e4ad0316c017d5b271378ed9a1c9a4b77fab5f
- https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
- https://seclists.org/bugtraq/2019/Nov/11
- https://support.f5.com/csp/article/K31332013
- https://usn.ubuntu.com/4145-1/
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=36e4ad0316c017d5b271378ed9a1c9a4b77fab5f
- https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
- https://seclists.org/bugtraq/2019/Nov/11
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed36e4ad0316c017d5b271378ed9a1c9a4b77fab5fIntroducedb562e44f507e863c6792946e4e1b1449fbbac85dFixedc8d2bc9bc39ebea8437fd974fdbc21847bb897a3
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10905.json"
vanir_signatures
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@36e4ad0316c017d5b271378ed9a1c9a4b77fab5f",
"signature_type": "Function",
"digest": {
"function_hash": "191058336297664581867362034086260061543",
"length": 1648.0
},
"deprecated": false,
"target": {
"file": "fs/gfs2/rgrp.c",
"function": "read_rindex_entry"
},
"id": "CVE-2016-10905-5208d399",
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@36e4ad0316c017d5b271378ed9a1c9a4b77fab5f",
"signature_type": "Function",
"digest": {
"function_hash": "274500896363989666503663158000141018374",
"length": 522.0
},
"deprecated": false,
"target": {
"file": "fs/gfs2/rgrp.c",
"function": "gfs2_clear_rgrpd"
},
"id": "CVE-2016-10905-602095ff",
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@36e4ad0316c017d5b271378ed9a1c9a4b77fab5f",
"signature_type": "Line",
"digest": {
"line_hashes": [
"94531177274477582571921928079679433937",
"184314265776748334065912156078272515390",
"13300816371268305535456670604000546417",
"147207173193913882777341511253588929626",
"68111223494537663544590638612403818300",
"266906447201837271749780923538463935789",
"50401440739085728296886791858733929956",
"313624237115525869324094351034919616430",
"198747627466491782660730200460803579145",
"165193713013712505222554504674649965338",
"107704532825869358727648488590947042474",
"139173133544544047282427162603428546749",
"17152292818746997636718817382937877681",
"82856932977635558770324163207790658640",
"297694918166405176501304393512875585951",
"64683233881550578174187833463507139874",
"75811959002626947613945376988870310109",
"255138779464261738893462941184529171322",
"312308953730133289928195079058771455496"
],
"threshold": 0.9
},
"deprecated": false,
"target": {
"file": "fs/gfs2/rgrp.c"
},
"id": "CVE-2016-10905-b78430c6",
"signature_version": "v1"
}
]