{
  "threat_severity" : "Moderate",
  "public_date" : "2016-05-05T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: Slave being first propagated copy causes oops in propagate_mnt",
    "id" : "1333712",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1333712"
  },
  "cvss" : {
    "cvss_base_score" : "4.7",
    "cvss_scoring_vector" : "AV:L/AC:M/Au:N/C:N/I:N/A:C",
    "status" : "verified"
  },
  "cwe" : "CWE-476",
  "details" : [ "fs/pnode.c in the Linux kernel before 4.5.4 does not properly traverse a mount propagation tree in a certain case involving a slave mount, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted series of mount system calls." ],
  "statement" : "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, as there is no user namespace support in the products listed.\nThis issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.",
  "acknowledgement" : "This issue was discovered by Eric W. Biederman (Red Hat).",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-11-03T00:00:00Z",
    "advisory" : "RHSA-2016:2584",
    "cpe" : "cpe:/a:redhat:rhel_extras_rt:7",
    "package" : "kernel-rt-0:3.10.0-514.rt56.420.el7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2016-11-03T00:00:00Z",
    "advisory" : "RHSA-2016:2574",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "kernel-0:3.10.0-514.el7"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Affected",
    "package_name" : "realtime-kernel",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2016-4581\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-4581" ],
  "name" : "CVE-2016-4581",
  "csaw" : false
}