Vulnerabilities

CVE-2016-2085

by Fred · 27/04/2016

The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack.

Date published : 2016-04-27

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=613317bd212c585c20796c10afe5daaa95d4b0a1

https://bugzilla.redhat.com/show_bug.cgi?id=1324867

Similar

Tags: Cybersecurity Alert