2017-01-12
ALT-BU-2017-2872-1
Branch p8 update bulletin.
Package kernel-image-un-def updated to version 4.8.17-alt0.M80P.1 for branch p8 in task 175992.
Closed vulnerabilities
Published: 2016-12-30
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2016-10088
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.
Severity: HIGH (7.0)
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=128394eff343fc6d2f32172f03e24829539c5835
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=128394eff343fc6d2f32172f03e24829539c5835
- RHSA-2017:0817
- RHSA-2017:0817
- [oss-security] 20161230 Re: Linux Kernel use-after-free in SCSI generic device interface
- [oss-security] 20161230 Re: Linux Kernel use-after-free in SCSI generic device interface
- 95169
- 95169
- 1037538
- 1037538
- RHSA-2017:1842
- RHSA-2017:1842
- RHSA-2017:2077
- RHSA-2017:2077
- RHSA-2017:2669
- RHSA-2017:2669
- https://github.com/torvalds/linux/commit/128394eff343fc6d2f32172f03e24829539c5835
- https://github.com/torvalds/linux/commit/128394eff343fc6d2f32172f03e24829539c5835