First published: Fri Dec 30 2016
It was found that the fix for CVE-2016-9576 was incomplete: the Linux kernel's sg implementation did not properly restrict write operations in situations where the KERNEL_DS option is set. A local attacker could read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging write access to a /dev/sg device.
Credit: security@debian.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <0:2.6.32-696.el6 | 0:2.6.32-696.el6 |
redhat/kernel-rt | <0:3.10.0-693.rt56.617.el7 | 0:3.10.0-693.rt56.617.el7 |
redhat/kernel | <0:3.10.0-693.el7 | 0:3.10.0-693.el7 |
redhat/kernel-rt | <1:3.10.0-693.2.1.rt56.585.el6 | 1:3.10.0-693.2.1.rt56.585.el6 |
Linux Linux kernel | <3.10.107 | |
Linux Linux kernel | >=3.11, <3.12.70 | |
Linux Linux kernel | >=3.13, <3.16.40 | |
Linux Linux kernel | >=3.17, <3.18.47 | |
Linux Linux kernel | >=3.19, <4.1.38 | |
Linux Linux kernel | >=4.2, <4.4.41 | |
Linux Linux kernel | >=4.5, <4.8.17 | |
Linux Linux kernel | >=4.9, <4.9.2 | |
debian/linux | 5.10.223-1, 5.10.226-1, 6.1.115-1, 6.1.119-1, 6.11.10-1, 6.12.5-1 | |
CVE-2016-10088 is a vulnerability in the Linux kernel that allows local users to read or write to arbitrary kernel memory locations or cause a denial of service.
CVE-2016-10088 has a severity rating of high.
Linux kernel versions up to 4.9 are affected by CVE-2016-10088.
To fix CVE-2016-10088, update your Linux kernel to version 4.10 or higher.