vulnerability
Arch Linux: Privilege escalation (CVE-2017-16996)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Dec 22, 2017 | Jul 11, 2025 | Mar 25, 2026 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Dec 22, 2017
Added
Jul 11, 2025
Modified
Mar 25, 2026
Description
An arbitrary memory r/w access issue was found in the Linux kernel before 4.14.9 compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation errors in the eBPF verifier module, triggered by user supplied malicious BPF program. An unprivileged user could use this flaw to escalate their privileges on a system. Setting parameter "kernel.unprivileged_bpf_disabled=1" prevents such privilege escalation by restricting access to bpf(2) call.
Solution
arch-linux-upgrade-latest
References
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.