vulnerability
Amazon Linux AMI: CVE-2016-8655: Security patch for kernel (ALAS-2016-772)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Dec 6, 2016 | Dec 9, 2016 | Oct 14, 2022 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Dec 6, 2016
Added
Dec 9, 2016
Modified
Oct 14, 2022
Description
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.
Solution
amazon-linux-upgrade-kernel
References
- REDHAT-RHSA-2017:0386
- REDHAT-RHSA-2017:0387
- REDHAT-RHSA-2017:0402
- AMAZON-ALAS-2016-772
- SUSE-SUSE-SU-2016:3096
- SUSE-SUSE-SU-2016:3113
- SUSE-SUSE-SU-2016:3116
- SUSE-SUSE-SU-2016:3117
- SUSE-SUSE-SU-2016:3169
- SUSE-SUSE-SU-2016:3183
- SUSE-SUSE-SU-2016:3197
- SUSE-SUSE-SU-2016:3205
- SUSE-SUSE-SU-2016:3206
- SUSE-SUSE-SU-2016:3247
- BID-94692
- SECTRACK-1037403
- SECTRACK-1037968
- UBUNTU-USN-3149-1
- UBUNTU-USN-3149-2
- UBUNTU-USN-3150-1
- UBUNTU-USN-3150-2
- UBUNTU-USN-3151-1
- UBUNTU-USN-3151-2
- UBUNTU-USN-3151-3
- UBUNTU-USN-3151-4
- UBUNTU-USN-3152-1
- UBUNTU-USN-3152-2
- NVD-CVE-2016-8655
- DEBIAN-DLA-772-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.