Ubuntu: (Multiple Advisories) (CVE-2016-9644): Linux kernel vulnerabilities
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Nov 27, 2016 | Dec 1, 2016 | Apr 14, 2025 |
Description
It was discovered that the __get_user_asm_ex implementation in the Linux
kernel for x86/x86_64 contained extended asm statements that were
incompatible with the exception table. A local attacker could use this to
gain administrative privileges. (CVE-2016-9644)

Andreas Gruenbacher and Jan Kara discovered that the filesystem
implementation in the Linux kernel did not clear the setgid bit during a
setxattr call. A local attacker could use this to possibly elevate group
privileges. (CVE-2016-7097)

Marco Grassi discovered that the driver for Areca RAID Controllers in the
Linux kernel did not properly validate control messages. A local attacker
could use this to cause a denial of service (system crash) or possibly gain
privileges. (CVE-2016-7425)

Daxing Guo discovered a stack-based buffer overflow in the Broadcom
IEEE802.11n FullMAC driver in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly gain
privileges. (CVE-2016-8658)
Solution(s)
References
- CVE-2016-9644
- https://attackerkb.com/topics/CVE-2016-9644
- NVD-CVE-2016-9644
- UBUNTU-USN-3144-1
- UBUNTU-USN-3144-2
- UBUNTU-USN-3145-1
- UBUNTU-USN-3145-2
- UBUNTU-USN-3146-1
- UBUNTU-USN-3146-2
- UBUNTU-USN-3147-1
- UBUNTU-USN-3160-1
- UBUNTU-USN-3160-2
- UBUNTU-USN-3161-1
- UBUNTU-USN-3161-2
- UBUNTU-USN-3161-3
- UBUNTU-USN-3161-4
- UBUNTU-USN-3162-1
- UBUNTU-USN-3162-2
- UBUNTU-USN-3187-1
- UBUNTU-USN-3187-2
- UBUNTU-USN-3188-1
- UBUNTU-USN-3188-2
- UBUNTU-USN-3290-1
- UBUNTU-USN-3360-1
- UBUNTU-USN-3360-2
- UBUNTU-USN-3422-1
- UBUNTU-USN-3422-2
- UBUNTU-USN-3445-1
- UBUNTU-USN-3445-2
