fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.
{ "vanir_signatures": [ { "digest": { "function_hash": "159212217996474306100707289539917597711", "length": 394.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Function", "deprecated": false, "id": "CVE-2016-2847-1ec6bc25", "signature_version": "v1", "target": { "function": "alloc_pipe_info", "file": "fs/pipe.c" } }, { "digest": { "function_hash": "9826055533231251989246385628315165192", "length": 304.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Function", "deprecated": false, "id": "CVE-2016-2847-284020fb", "signature_version": "v1", "target": { "function": "free_pipe_info", "file": "fs/pipe.c" } }, { "digest": { "function_hash": "159212217996474306100707289539917597711", "length": 394.0 }, "source": "https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Function", "deprecated": false, "id": "CVE-2016-2847-30ad4e9a", "signature_version": "v1", "target": { "function": "alloc_pipe_info", "file": "fs/pipe.c" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "146511006400634390463007417019100270246", "6557854735873156433027806710866922811", "335524008467050564816938846076600910047", "237138065973622512451667430805629176924", "250840378357544767992746312060508662920", "263906813543886088807953990813042692292", "167863358760285523654250941564555115237", "69557918871261674552518243946649078103", "118395554087385067721269861362159816406", "4545941566126139804849403523054499155", "309828736140206013644453353364733256158", "284297436891019701330850778085018449905", "217235793862882424035700726457579966665", "129106958878421399653009332812802981135", "163910783980629412406831793839370526818", "89582898040510836041884322818722789709", "216504350491098244420338938587698921102", "305391763069378633281412973739691657010", "253698133718172649204919139633402427102", "199384173194699746811783699097700559002", "61966554026060482230451592177951586779", "91255410593383989187613728432194890952", "79371503405172735853916188777426565659", "108864777720923707923367744083496200016", "146198093590389684243262827280182788648", "69537672659211650143938158893494026283", "250887083031219865211904228728294295398", "119287496875529822993741605009685071689", "149967548476990507103091273469802373835" ] }, "source": "https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Line", "deprecated": false, "id": "CVE-2016-2847-359f3e94", "signature_version": "v1", "target": { "file": "fs/pipe.c" } }, { "digest": { "function_hash": "13525338182300267228205594250185100703", "length": 618.0 }, "source": "https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Function", "deprecated": false, "id": "CVE-2016-2847-46b0f5f9", "signature_version": "v1", "target": { "function": "pipe_fcntl", "file": "fs/pipe.c" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "26651255485875776249244118530615815718", "49072043545631355319977013686539061657", "48702790981573862211193566646350122416", "105362252250479109807894118248456857442", "145880535692122893810319251254987564547", "61505585331578711616988652108573598614", "174507404196940368532628118098936467158", "257596395722169885466015981148891097943", "246086423447353162063028013592814521053", "319524503219686426883961829408495774094", "226406403443223508924348041710970596053" ] }, "source": "https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Line", "deprecated": false, "id": "CVE-2016-2847-4f58a108", "signature_version": "v1", "target": { "file": "include/linux/pipe_fs_i.h" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "2970803820312540229149461766764273487", "337131029388447680073520105755391984696", "239848811018323912732156557345723079596", "105729707691997709423439201030524830501" ] }, "source": "https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Line", "deprecated": false, "id": "CVE-2016-2847-57dd07bd", "signature_version": "v1", "target": { "file": "include/linux/sched.h" } }, { "digest": { "function_hash": "9826055533231251989246385628315165192", "length": 304.0 }, "source": "https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Function", "deprecated": false, "id": "CVE-2016-2847-7da505e2", "signature_version": "v1", "target": { "function": "free_pipe_info", "file": "fs/pipe.c" } }, { "digest": { "function_hash": "13525338182300267228205594250185100703", "length": 618.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Function", "deprecated": false, "id": "CVE-2016-2847-8ebdb4b7", "signature_version": "v1", "target": { "function": "pipe_fcntl", "file": "fs/pipe.c" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "2970803820312540229149461766764273487", "337131029388447680073520105755391984696", "239848811018323912732156557345723079596", "105729707691997709423439201030524830501" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Line", "deprecated": false, "id": "CVE-2016-2847-9494d463", "signature_version": "v1", "target": { "file": "include/linux/sched.h" } }, { "digest": { "function_hash": "13738447304655182940178979055473819320", "length": 755.0 }, "source": "https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Function", "deprecated": false, "id": "CVE-2016-2847-9832f1dd", "signature_version": "v1", "target": { "function": "pipe_set_size", "file": "fs/pipe.c" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "146511006400634390463007417019100270246", "6557854735873156433027806710866922811", "335524008467050564816938846076600910047", "237138065973622512451667430805629176924", "250840378357544767992746312060508662920", "263906813543886088807953990813042692292", "167863358760285523654250941564555115237", "69557918871261674552518243946649078103", "118395554087385067721269861362159816406", "4545941566126139804849403523054499155", "309828736140206013644453353364733256158", "284297436891019701330850778085018449905", "217235793862882424035700726457579966665", "129106958878421399653009332812802981135", "163910783980629412406831793839370526818", "89582898040510836041884322818722789709", "216504350491098244420338938587698921102", "305391763069378633281412973739691657010", "253698133718172649204919139633402427102", "199384173194699746811783699097700559002", "61966554026060482230451592177951586779", "91255410593383989187613728432194890952", "79371503405172735853916188777426565659", "108864777720923707923367744083496200016", "146198093590389684243262827280182788648", "69537672659211650143938158893494026283", "250887083031219865211904228728294295398", "119287496875529822993741605009685071689", "149967548476990507103091273469802373835" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Line", "deprecated": false, "id": "CVE-2016-2847-aaa995be", "signature_version": "v1", "target": { "file": "fs/pipe.c" } }, { "digest": { "function_hash": "13738447304655182940178979055473819320", "length": 755.0 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Function", "deprecated": false, "id": "CVE-2016-2847-b8b86818", "signature_version": "v1", "target": { "function": "pipe_set_size", "file": "fs/pipe.c" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "26651255485875776249244118530615815718", "49072043545631355319977013686539061657", "48702790981573862211193566646350122416", "105362252250479109807894118248456857442", "145880535692122893810319251254987564547", "61505585331578711616988652108573598614", "174507404196940368532628118098936467158", "257596395722169885466015981148891097943", "246086423447353162063028013592814521053", "319524503219686426883961829408495774094", "226406403443223508924348041710970596053" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Line", "deprecated": false, "id": "CVE-2016-2847-ca30115a", "signature_version": "v1", "target": { "file": "include/linux/pipe_fs_i.h" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "10473301146441202463289491397401828423", "42210259354502147747304737369759443852", "315813764829983910493700618404397159812", "63598946016393672720631452802178432673" ] }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git@759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Line", "deprecated": false, "id": "CVE-2016-2847-e0d8dc46", "signature_version": "v1", "target": { "file": "kernel/sysctl.c" } }, { "digest": { "threshold": 0.9, "line_hashes": [ "10473301146441202463289491397401828423", "42210259354502147747304737369759443852", "315813764829983910493700618404397159812", "63598946016393672720631452802178432673" ] }, "source": "https://github.com/torvalds/linux/commit/759c01142a5d0f364a462346168a56de28a80f52", "signature_type": "Line", "deprecated": false, "id": "CVE-2016-2847-f92b3471", "signature_version": "v1", "target": { "file": "kernel/sysctl.c" } } ] }