Search for vulnerabilities
Vulnerability details: VCID-xkfe-mpjz-aaap
Vulnerability ID VCID-xkfe-mpjz-aaap
Aliases CVE-2016-5011
Summary The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
Status Published
Exploitability 0.5
Weighted Severity 4.4
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
generic_textual Low http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5011.html
rhas Low https://access.redhat.com/errata/RHSA-2016:2605
cvssv3 4.6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5011.json
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00059 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00084 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00163 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00183 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00183 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00183 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00228 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00228 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
epss 0.00228 https://api.first.org/data/v1/epss?cve=CVE-2016-5011
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1349741
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5011
cvssv2 2.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 4.9 https://nvd.nist.gov/vuln/detail/CVE-2016-5011
cvssv3 4.6 https://nvd.nist.gov/vuln/detail/CVE-2016-5011
cvssv3.1 4.6 https://nvd.nist.gov/vuln/detail/CVE-2016-5011
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5011.html
http://rhn.redhat.com/errata/RHSA-2016-2605.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5011.json
https://api.first.org/data/v1/epss?cve=CVE-2016-5011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5011
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3
http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543
http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801
http://www.openwall.com/lists/oss-security/2016/07/11/2
http://www.securityfocus.com/bid/91683
http://www.securitytracker.com/id/1036272
1349741 https://bugzilla.redhat.com/show_bug.cgi?id=1349741
830802 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830802
cpe:2.3:a:ibm:power_hardware_management_console:8.8.6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:power_hardware_management_console:8.8.6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:powerkvm:2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:powerkvm:2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:powerkvm:3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ibm:powerkvm:3.1:*:*:*:*:*:*:*
cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
CVE-2016-5011 https://nvd.nist.gov/vuln/detail/CVE-2016-5011
RHSA-2016:2605 https://access.redhat.com/errata/RHSA-2016:2605
USN-5478-1 https://usn.ubuntu.com/5478-1/
No exploits are available.
Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5011.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2016-5011
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-5011
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-5011
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.15348
EPSS Score 0.00059
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.