All errata/p8/ALT-PU-2016-2023-1
ALT-PU-2016-2023-1

Package update kernel-image-un-def in branch p8

Version4.7.5-alt0.M80P.1
Task#169892
Published2016-09-26
Max severityMEDIUM
Severity:

Closed issues (4)

CVE-2016-6828
MEDIUM5.5

The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.

Published: 2016-10-16Modified: 2025-04-12
CVSS 2.0MEDIUM 4.9
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C
CVSS 3.xMEDIUM 5.5
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References
CVE-2016-8658
MEDIUM6.1

Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Element in a command to a Netlink socket.

Published: 2016-10-16Modified: 2025-04-12
CVSS 2.0MEDIUM 5.6
CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:P/A:C
CVSS 3.xMEDIUM 6.1
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
References
CVE-2016-9178
MEDIUM5.5

The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel before 4.7.5 does not initialize a certain integer variable, which allows local users to obtain sensitive information from kernel stack memory by triggering failure of a get_user_ex call.

Published: 2016-11-28Modified: 2025-04-12
CVSS 2.0LOW 2.1
CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS 3.xMEDIUM 5.5
CVSS:3.x/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
CVE-2017-7273
MEDIUM6.6

The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.

Published: 2017-03-27Modified: 2025-04-20
CVSS 2.0MEDIUM 4.6
CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS 3.xMEDIUM 6.6
CVSS:3.x/CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References