CVE-2016-9793
published 2016-12-28CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local…
PriorityP341high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EXPLOIT
EPSS
1.57%
72.2th percentile
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 4.8.15-1 (bookworm) | linux 4.8.15-1 (bookworm) |
| android | — | — | |
| linux | linux_kernel | >= 0 < 4.8.15-1 | 4.8.15-1 |
| linux | linux_kernel | >= 0 < 4.8.15-1 | 4.8.15-1 |
| linux | linux_kernel | >= 0 < 4.8.15-1 | 4.8.15-1 |
| linux | linux_kernel | >= 0 < 4.8.15-1 | 4.8.15-1 |
| linux | linux_kernel | >= 0 < 3.13.0-107.154 | 3.13.0-107.154 |
| linux | linux_kernel | >= 0 < 4.4.0-59.80 | 4.4.0-59.80 |
| linux | linux_kernel | >= 3.13 < 3.16.40 | 3.16.40 |
| linux | linux_kernel | >= 3.17 < 3.18.52 | 3.18.52 |
| linux | linux_kernel | >= 3.19 < 4.1.50 | 4.1.50 |
| linux | linux_kernel | >= 3.5 < 3.12.69 | 3.12.69 |
| linux | linux_kernel | >= 4.2 < 4.4.38 | 4.4.38 |
| linux | linux_kernel | >= 4.5 < 4.8.14 | 4.8.14 |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_debian7.8HIGH
vendor_redhat7.8HIGH
vendor_ubuntu7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p7q5-g2pg-7rc9: The sock_setsockopt function in net/core/sock
ghsa_unreviewed·2022-05-14
CVE-2016-9793 [HIGH] CWE-119 GHSA-p7q5-g2pg-7rc9: The sock_setsockopt function in net/core/sock
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
OSV
linux vulnerabilities
osv·2017-01-11·CVSS 5.5
CVE-2016-9756 [MEDIUM] linux vulnerabilities
linux vulnerabilities
Dmitry Vyukov discovered that the KVM implementation in the Linux kernel
did not properly initialize the Code Segment (CS) in certain error cases. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2016-9756)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cause a denial of service (system crash or memory
corruption). (CVE-2016-9793)
Baozeng Ding discovered a race condition that could lead to a use-after-
free in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux
kernel. A local attacker could use this to cause a denial of service
(syste
OSV
linux-raspi2 vulnerabilities
osv·2017-01-11·CVSS 7.8
CVE-2016-9794 [HIGH] linux-raspi2 vulnerabilities
linux-raspi2 vulnerabilities
Baozeng Ding discovered a race condition that could lead to a use-after-
free in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux
kernel. A local attacker could use this to cause a denial of service
(system crash). (CVE-2016-9794)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cause a denial of service (system crash or memory
corruption). (CVE-2016-9793)
OSV
linux vulnerabilities
osv·2017-01-11·CVSS 5.5
CVE-2016-9756 [MEDIUM] linux vulnerabilities
linux vulnerabilities
Dmitry Vyukov discovered that the KVM implementation in the Linux kernel
did not properly initialize the Code Segment (CS) in certain error cases. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2016-9756)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cause a denial of service (system crash or memory
corruption). (CVE-2016-9793)
Baozeng Ding discovered a race condition that could lead to a use-after-
free in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux
kernel. A local attacker could use this to cause a denial of service
(syste
OSV
linux-lts-xenial vulnerabilities
osv·2017-01-11·CVSS 5.5
CVE-2016-9756 [MEDIUM] linux-lts-xenial vulnerabilities
linux-lts-xenial vulnerabilities
USN-3169-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
Dmitry Vyukov discovered that the KVM implementation in the Linux kernel
did not properly initialize the Code Segment (CS) in certain error cases. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2016-9756)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cause a denial of service (system crash or memory
corruption). (CVE-2016-9793)
OSV
linux-snapdragon vulnerabilities
osv·2017-01-11·CVSS 7.8
CVE-2016-9794 [HIGH] linux-snapdragon vulnerabilities
linux-snapdragon vulnerabilities
Baozeng Ding discovered a race condition that could lead to a use-after-
free in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux
kernel. A local attacker could use this to cause a denial of service
(system crash). (CVE-2016-9794)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cause a denial of service (system crash or memory
corruption). (CVE-2016-9793)
OSV
CVE-2016-9793: The sock_setsockopt function in net/core/sock
osv·2016-12-28·CVSS 7.8
CVE-2016-9793 [HIGH] CVE-2016-9793: The sock_setsockopt function in net/core/sock
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
Android
CVE-2016-9793: Android Security Bulletin 2017-03-01
CVE: CVE-2016-9793
Severity: HIGH
References: A-33363517
Upstream kernel
vendor_android·2017-03-01·CVSS 7.8
CVE-2016-9793 [HIGH] CVE-2016-9793: Android Security Bulletin 2017-03-01
CVE: CVE-2016-9793
Severity: HIGH
References: A-33363517
Upstream kernel
Android Security Bulletin 2017-03-01
CVE: CVE-2016-9793
Severity: HIGH
References: A-33363517
Upstream kernel
Ubuntu
Linux kernel (Qualcomm Snapdragon) vulnerabilities
vendor_ubuntu·2017-01-11·CVSS 7.8
CVE-2016-9793 [HIGH] Linux kernel (Qualcomm Snapdragon) vulnerabilities
Title: Linux kernel (Qualcomm Snapdragon) vulnerabilities
Summary: Several security issues were fixed in the kernel.
Baozeng Ding discovered a race condition that could lead to a use-after-
free in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux
kernel. A local attacker could use this to cause a denial of service
(system crash). (CVE-2016-9794)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cause a denial of service (system crash or memory
corruption). (CVE-2016-9793)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTIO
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2017-01-11·CVSS 5.5
CVE-2016-9756 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
Dmitry Vyukov discovered that the KVM implementation in the Linux kernel
did not properly initialize the Code Segment (CS) in certain error cases. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2016-9756)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cause a denial of service (system crash or memory
corruption). (CVE-2016-9793)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI
Ubuntu
Linux kernel (Raspberry Pi 2) vulnerabilities
vendor_ubuntu·2017-01-11·CVSS 7.8
CVE-2016-9793 [HIGH] Linux kernel (Raspberry Pi 2) vulnerabilities
Title: Linux kernel (Raspberry Pi 2) vulnerabilities
Summary: Several security issues were fixed in the kernel.
Baozeng Ding discovered a race condition that could lead to a use-after-
free in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux
kernel. A local attacker could use this to cause a denial of service
(system crash). (CVE-2016-9794)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cause a denial of service (system crash or memory
corruption). (CVE-2016-9793)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Du
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2017-01-11·CVSS 5.5
CVE-2016-9756 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
Dmitry Vyukov discovered that the KVM implementation in the Linux kernel
did not properly initialize the Code Segment (CS) in certain error cases. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2016-9756)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cause a denial of service (system crash or memory
corruption). (CVE-2016-9793)
Baozeng Ding discovered a race condition that could lead to a use-after-
free in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux
k
Ubuntu
Linux kernel vulnerabilities
vendor_ubuntu·2017-01-11·CVSS 5.5
CVE-2016-9756 [MEDIUM] Linux kernel vulnerabilities
Title: Linux kernel vulnerabilities
Summary: Several security issues were fixed in the kernel.
Dmitry Vyukov discovered that the KVM implementation in the Linux kernel
did not properly initialize the Code Segment (CS) in certain error cases. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2016-9756)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cause a denial of service (system crash or memory
corruption). (CVE-2016-9793)
Baozeng Ding discovered a race condition that could lead to a use-after-
free in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux
k
Ubuntu
Linux kernel (Trusty HWE) vulnerabilities
vendor_ubuntu·2017-01-11·CVSS 5.5
CVE-2016-9756 [MEDIUM] Linux kernel (Trusty HWE) vulnerabilities
Title: Linux kernel (Trusty HWE) vulnerabilities
Summary: Several security issues were fixed in the kernel.
USN-3168-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu
12.04 LTS.
Dmitry Vyukov discovered that the KVM implementation in the Linux kernel
did not properly initialize the Code Segment (CS) in certain error cases. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2016-9756)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cau
Ubuntu
Linux kernel (Xenial HWE) vulnerabilities
vendor_ubuntu·2017-01-11·CVSS 5.5
CVE-2016-9756 [MEDIUM] Linux kernel (Xenial HWE) vulnerabilities
Title: Linux kernel (Xenial HWE) vulnerabilities
Summary: Several security issues were fixed in the kernel.
USN-3169-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
Dmitry Vyukov discovered that the KVM implementation in the Linux kernel
did not properly initialize the Code Segment (CS) in certain error cases. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2016-9756)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cau
Ubuntu
Linux kernel (Raspberry Pi 2) vulnerabilities
vendor_ubuntu·2017-01-11·CVSS 7.8
CVE-2016-9793 [HIGH] Linux kernel (Raspberry Pi 2) vulnerabilities
Title: Linux kernel (Raspberry Pi 2) vulnerabilities
Summary: Several security issues were fixed in the kernel.
Andrey Konovalov discovered that the ipv6 icmp implementation in the Linux
kernel did not properly check data structures on send. A remote attacker
could use this to cause a denial of service (system crash). (CVE-2016-9919)
Andrey Konovalov discovered that signed integer overflows existed in the
setsockopt() system call when handling the SO_SNDBUFFORCE and
SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability
could use this to cause a denial of service (system crash or memory
corruption). (CVE-2016-9793)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI ch
Red Hat
kernel: Signed overflow for SO_{SND|RCV}BUFFORCE
vendor_redhat·2016-12-02·CVSS 7.8
CVE-2016-9793 [HIGH] CWE-190 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE
kernel: Signed overflow for SO_{SND|RCV}BUFFORCE
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
A flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative. This could adversely affect memory allocations and create situation
Debian
CVE-2016-9793: linux - The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.1...
vendor_debian·2016·CVSS 7.8
CVE-2016-9793 [HIGH] CVE-2016-9793: linux - The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.1...
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
Scope: local
bookworm: resolved (fixed in 4.8.15-1)
bullseye: resolved (fixed in 4.8.15-1)
forky: resolved (fixed in 4.8.15-1)
sid: resolved (fixed in 4.8.15-1)
trixie: resolved (fixed in 4.8.15-1)
No detection rules found.
Bugzilla
CVE-2012-6704 kernel: Signed overflows in SO_{SND|RCV}BUF in sock_setsockopt()
bugzilla·2016-12-06·CVSS 7.8
CVE-2012-6704 [HIGH] CVE-2012-6704 kernel: Signed overflows in SO_{SND|RCV}BUF in sock_setsockopt()
CVE-2012-6704 kernel: Signed overflows in SO_{SND|RCV}BUF in sock_setsockopt()
A flaw was found in the Linux kernels implementation of setsockopt for the SO_{SND|RCV}BUF setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative.
This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption.
This situation affects SO_SNDBUFF and SO_RCVBUFF similarly as shown in CVE-2016-9793.
Upstream patch:
https://github.com/torvalds/linux/commit/82981930125abfd39d7c8378a9cfdf5e1be2002b
CVE assignment:
http://seclists.org/oss-sec/2016/q4/574
Discussion:
Statement:
This issue does not affect the kernels as shipping wit
Bugzilla
CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE
bugzilla·2016-12-06·CVSS 7.8
CVE-2016-9793 [HIGH] CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE
CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE
A flaw was found in the Linux kernels implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative.
This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption.
This situation affects SO_SNDBUFF and SO_RCVBUFF similarly as shown in CVE-2012-6704.
Upstream patch:
https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290
CVE assignment:
http://seclists.org/oss-sec/2016/q4/574
Discussion:
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 140201
Bugzilla
CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE [fedora-all]
bugzilla·2016-12-06·CVSS 7.8
CVE-2016-9793 [HIGH] CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE [fedora-all]
CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fe
arXiv
ECMO: Peripheral Transplantation to Rehost Embedded Linux Kernels
arxiv_fulltext·2021-10-05
ECMO: Peripheral Transplantation to Rehost Embedded Linux Kernels
: Peripheral Transplantation to Rehost Embedded Linux Kernels
[1,2]Muhui Jiang
[1]Lin Ma
[1]Yajin ZhouCorresponding author ([email protected]). *0.4em
[1]Qiang Liu
[3]Cen Zhang
[4]Zhi Wang
[2]Xiapu Luo
[1]Lei Wu
[1]Kui Ren
[1]Zhejiang University
[2]The Hong Kong Polytechnic University
[3]Nanyang Technological University
[4]Florida State University
## Abstract
Dynamic analysis based on the full-system emulator
QEMU is widely used for various purposes.
However, it is challenging to run
firmware images of embedded devices in QEMU,
especially the process to boot the Linux kernel
(we call this process rehosting the Linux kernel
in this paper).
That's because embedded devices usually use different
system-on-chips (SoCs)
from multiple vendors and only a limited
number of SoCs are currently
arXiv
Lic-Sec: an enhanced AppArmor Docker security profile generator
arxiv_fulltext·2020-09-24
Lic-Sec: an enhanced AppArmor Docker security profile generator
frontmatter
5pt
- 0ex
0cm
0em
Lic-Sec: an enhanced AppArmor Docker security profile generator
[1]Hui Zhu
[email protected]
[1]Christian Gehrmann
[email protected]
[1]Department of Electrical and Information Technology, Lund University, Lund, Sweden
## Abstract
Along with the rapid development of cloud computing technology, containerization technology has drawn much attention from both industry and academia. In this paper, we perform a comparative measurement analysis of Docker-sec, which is a Linux Security Module proposed in 2018, and a new AppArmor profile generator called Lic-Sec, which combines Docker-sec with a modified version of LiCShield, which is also a Linux Security Module proposed in 2015. Docker-sec and LiCShield can be used to enhance Docker container sec
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14http://www.openwall.com/lists/oss-security/2016/12/03/1http://www.securityfocus.com/bid/94655http://www.securitytracker.com/id/1037968https://access.redhat.com/errata/RHSA-2017:0931https://access.redhat.com/errata/RHSA-2017:0932https://access.redhat.com/errata/RHSA-2017:0933https://bugzilla.redhat.com/show_bug.cgi?id=1402013https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793https://source.android.com/security/bulletin/2017-03-01.htmlhttp://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14http://www.openwall.com/lists/oss-security/2016/12/03/1http://www.securityfocus.com/bid/94655http://www.securitytracker.com/id/1037968https://access.redhat.com/errata/RHSA-2017:0931https://access.redhat.com/errata/RHSA-2017:0932https://access.redhat.com/errata/RHSA-2017:0933https://bugzilla.redhat.com/show_bug.cgi?id=1402013https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793https://source.android.com/security/bulletin/2017-03-01.html
2016-12-28
Published