vulnerability
F5 Networks: K54610514 (CVE-2016-10088): Linux kernel vulnerability CVE-2016-10088
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Dec 30, 2016 | Feb 16, 2017 | Feb 1, 2018 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
Dec 30, 2016
Added
Feb 16, 2017
Modified
Feb 1, 2018
Description
The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.
Solution
f5-big-ip-upgrade-latest

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.