Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-8655

Опубликовано: 08 дек. 2016
Источник: debian

Описание

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed4.8.15-1package
linuxfixed3.16.39-1jessiepackage

Примечания

  • http://seclists.org/oss-sec/2016/q4/607

  • Introduced by: https://git.kernel.org/linus/f6fb8f100b807378fda19e83e5ac6828b638603a (v3.2-rc1)

  • Fixed by: https://git.kernel.org/linus/84ac7260236a49c79eede91617700174c2c19b0c (v4.9-rc8)

  • Non-privileged user namespaces disabled by default, only exploitable by arbitrary user if sysctl kernel.unprivileged_userns_clone=1

Связанные уязвимости

ubuntu логотип

CVE-2016-8655

CVSS3: 7.8
ubuntu
больше 8 лет назад

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.

redhat логотип

CVE-2016-8655

CVSS3: 7
redhat
больше 8 лет назад

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.

nvd логотип

CVE-2016-8655

CVSS3: 7.8
nvd
больше 8 лет назад

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.

github логотип

GHSA-3x7h-7xqw-rj45

CVSS3: 7.8
github
около 3 лет назад

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.

fstec логотип

BDU:2016-02353

CVSS3: 7.8
fstec
больше 8 лет назад

Уязвимость компонента net/packet/af_packet.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии