{
  "threat_severity" : "Important",
  "public_date" : "2016-05-12T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: tags with indefinite length can corrupt pointers in asn1_find_indefinite_length()",
    "id" : "1300257",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1300257"
  },
  "cvss" : {
    "cvss_base_score" : "7.2",
    "cvss_scoring_vector" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
    "status" : "verified"
  },
  "cwe" : "CWE-120",
  "details" : [ "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.", "A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privileges on the system." ],
  "statement" : "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6.\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2.",
  "acknowledgement" : "Red Hat would like to thank Philip Pettersson (Samsung) for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-05-12T00:00:00Z",
    "advisory" : "RHSA-2016:1051",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-327.18.2.rt56.223.el7_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-05-12T00:00:00Z",
    "advisory" : "RHSA-2016:1033",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-327.18.2.el7"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "release_date" : "2016-05-12T00:00:00Z",
    "advisory" : "RHSA-2016:1055",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6",
    "package" : "kernel-rt-1:3.10.0-327.rt56.183.el6rt"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2016-0758\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-0758" ],
  "name" : "CVE-2016-0758",
  "csaw" : false
}