vulnerability

CentOS Linux: CVE-2016-10200: Important: kernel security, bug fix, and enhancement update (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:M/Au:N/C:C/I:C/A:C)	Mar 7, 2017	Aug 28, 2019	May 25, 2023

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:C/A:C)

Published

Mar 7, 2017

Added

Aug 28, 2019

Modified

May 25, 2023

Description

Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.

Solution(s)

centos-upgrade-kernelcentos-upgrade-kernel-rt

References

BID-101783
NVD-CVE-2016-10200
REDHAT-RHSA-2017:1842
REDHAT-RHSA-2017:2077
REDHAT-RHSA-2017:2437
REDHAT-RHSA-2017:2444

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today