CVE-2016-6246

{"id": "CVE-2016-6246", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.8}]}, "published": "2017-03-07T16:59:00.650", "references": [{"url": "http://www.openbsd.org/errata58.html", "tags": ["Release Notes"], "source": "cve@mitre.org"}, {"url": "http://www.openbsd.org/errata59.html", "tags": ["Release Notes"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2016/07/14/5", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2016/07/17/7", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/91805", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "OpenBSD 5.8 and 5.9 allows certain local users with kern.usermount privileges to cause a denial of service (kernel panic) by mounting a tmpfs with a VNOVAL in the (1) username, (2) groupname, or (3) device name of the root node."}, {"lang": "es", "value": "OpenBSD 5.8 y 5.9 permite a ciertos usuarios locales con privilegios kern.usermount provocar una denegaci\u00f3n de servicio (p\u00e1nico en el kernel) montando un tmpfs con un VNOVAL en el (1) nombre de usuario, (2) nombre de grupo o (3) nombre de dispositivo del nodo root."}], "lastModified": "2017-03-09T02:59:00.827", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:openbsd:openbsd:5.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F69813E0-1ED8-4417-BE52-BAC9CDCA2070"}, {"criteria": "cpe:2.3:o:openbsd:openbsd:5.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD160B3E-E1D1-432E-ABFB-B288B4EEEE4A"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}