vulnerability

Ubuntu: (Multiple Advisories) (CVE-2016-8633): Linux kernel vulnerabilities

Severity
6
CVSS
(AV:L/AC:H/Au:N/C:C/I:C/A:C)
Published
Nov 27, 2016
Added
Dec 21, 2016
Modified
Apr 14, 2025

Description

Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the
TTY implementation in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2015-8964)

It was discovered that the Video For Linux Two (v4l2) implementation in the
Linux kernel did not properly handle multiple planes when processing a
VIDIOC_DQBUF ioctl(). A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2016-4568)

CAI Qian discovered that shared bind mounts in a mount namespace
exponentially added entries without restriction to the Linux kernel's mount
table. A local attacker could use this to cause a denial of service (system
crash). (CVE-2016-6213)

It was discovered that the KVM implementation for x86/x86_64 in the Linux
kernel could dereference a null pointer. An attacker in a guest virtual
machine could use this to cause a denial of service (system crash) in the
KVM host. (CVE-2016-8630)

Eyal Itkin discovered that the IP over IEEE 1394 (FireWire) implementation
in the Linux kernel contained a buffer overflow when handling fragmented
packets. A remote attacker could use this to possibly execute arbitrary
code with administrative privileges. (CVE-2016-8633)

Marco Grassi discovered that the TCP implementation in the Linux kernel
mishandles socket buffer (skb) truncation. A local attacker could use this
to cause a denial of service (system crash). (CVE-2016-8645)

Andrey Konovalov discovered that the SCTP implementation in the Linux
kernel improperly handled validation of incoming data. A remote attacker
could use this to cause a denial of service (system crash). (CVE-2016-9555)

Solution(s)

ubuntu-upgrade-linux-image-3-13-0-133-genericubuntu-upgrade-linux-image-3-13-0-133-generic-lpaeubuntu-upgrade-linux-image-3-13-0-133-lowlatencyubuntu-upgrade-linux-image-3-13-0-133-powerpc-e500ubuntu-upgrade-linux-image-3-13-0-133-powerpc-e500mcubuntu-upgrade-linux-image-3-13-0-133-powerpc-smpubuntu-upgrade-linux-image-3-13-0-133-powerpc64-embubuntu-upgrade-linux-image-3-13-0-133-powerpc64-smpubuntu-upgrade-linux-image-4-4-0-1038-raspi2ubuntu-upgrade-linux-image-4-4-0-1042-snapdragonubuntu-upgrade-linux-image-4-4-0-57-genericubuntu-upgrade-linux-image-4-4-0-57-generic-lpaeubuntu-upgrade-linux-image-4-4-0-57-lowlatencyubuntu-upgrade-linux-image-4-4-0-57-powerpc-e500mcubuntu-upgrade-linux-image-4-4-0-57-powerpc-smpubuntu-upgrade-linux-image-4-4-0-57-powerpc64-embubuntu-upgrade-linux-image-4-4-0-57-powerpc64-smpubuntu-upgrade-linux-image-4-8-0-1021-raspi2ubuntu-upgrade-linux-image-4-8-0-32-genericubuntu-upgrade-linux-image-4-8-0-32-generic-lpaeubuntu-upgrade-linux-image-4-8-0-32-lowlatencyubuntu-upgrade-linux-image-4-8-0-32-powerpc-e500mcubuntu-upgrade-linux-image-4-8-0-32-powerpc-smpubuntu-upgrade-linux-image-4-8-0-32-powerpc64-embubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-lts-trustyubuntu-upgrade-linux-image-generic-lpae-lts-xenialubuntu-upgrade-linux-image-generic-lts-trustyubuntu-upgrade-linux-image-generic-lts-xenialubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-lts-xenialubuntu-upgrade-linux-image-powerpc-e500ubuntu-upgrade-linux-image-powerpc-e500mcubuntu-upgrade-linux-image-powerpc-e500mc-lts-xenialubuntu-upgrade-linux-image-powerpc-smpubuntu-upgrade-linux-image-powerpc-smp-lts-xenialubuntu-upgrade-linux-image-powerpc64-embubuntu-upgrade-linux-image-powerpc64-emb-lts-xenialubuntu-upgrade-linux-image-powerpc64-smpubuntu-upgrade-linux-image-powerpc64-smp-lts-xenialubuntu-upgrade-linux-image-raspi2ubuntu-upgrade-linux-image-snapdragon
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.