Red Hat Bugzilla – Bug 1322755
CVE-2016-3695 kernel: Error injection via EINJ is allowed when securelevel is enabled
Last modified: 2018-02-07 18:13:02 EST
It was found that EINJ, error injection mechanism, is allowed even if securelevel, a prevention from userspace performing actions that undermine trust in the platform, is enabled. This can have undesirable side-effects, such as causing the platform to mark hardware as needing replacement.
Name: Linn Crosetto (HP)
Internal CVE assignment: CVE-2016-3695
This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6 as the code with the flaw is not present in the products listed.
This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2. Future Linux kernel updates for the respective releases might address this issue.