Ubuntu: (Multiple Advisories) (CVE-2016-4470): Linux kernel vulnerabilities
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
5 | (AV:L/AC:L/Au:N/C:N/I:N/A:C) | Jun 27, 2016 | Jul 1, 2017 | Apr 14, 2025 |
Description
Ben Hawkes discovered that the Linux netfilter implementation did not
correctly perform validation when handling IPT_SO_SET_REPLACE events. A
local unprivileged attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code with administrative
privileges. (CVE-2016-3134)

Vitaly Kuznetsov discovered that the Linux kernel did not properly suppress
hugetlbfs support in X86 paravirtualized guests. An attacker in the guest
OS could cause a denial of service (guest system crash). (CVE-2016-3961)

It was discovered that the keyring implementation in the Linux kernel did
not ensure a data structure was initialized before referencing it after an
error condition occurred. A local attacker could use this to cause a denial
of service (system crash). (CVE-2016-4470)

Kangjie Lu discovered an information leak in the netlink implementation of
the Linux kernel. A local attacker could use this to obtain sensitive
information from kernel memory. (CVE-2016-5243)
Solution(s)
References
- CVE-2016-4470
- https://attackerkb.com/topics/CVE-2016-4470
- DEBIAN-DLA-609-1
- DEBIAN-DSA-3607
- NVD-CVE-2016-4470
- UBUNTU-USN-2930-1
- UBUNTU-USN-2930-2
- UBUNTU-USN-2930-3
- UBUNTU-USN-3049-1
- UBUNTU-USN-3050-1
- UBUNTU-USN-3051-1
- UBUNTU-USN-3052-1
- UBUNTU-USN-3053-1
- UBUNTU-USN-3054-1
- UBUNTU-USN-3055-1
- UBUNTU-USN-3056-1
- UBUNTU-USN-3057-1
