vulnerability
Red Hat: CVE-2016-10200: Important: kernel security, bug fix, and enhancement update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Mar 7, 2017 | Aug 3, 2017 | Mar 3, 2021 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
Mar 7, 2017
Added
Aug 3, 2017
Modified
Mar 3, 2021
Description
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.
Solutions
redhat-upgrade-kernelredhat-upgrade-kernel-rt
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.