CVE-2016-10906: Race Condition

Reference Links

• http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c278c253f3d992c6994d08aa0efb2b6806ca396f
• https://seclists.org/bugtraq/2019/Nov/11
• https://support.f5.com/csp/article/K01993501?utm_source=f5support&utm_medium=RSS
• https://usn.ubuntu.com/4163-1/
• https://usn.ubuntu.com/4163-2/
• https://support.f5.com/csp/article/K01993501?utm_source=f5support&utm_medium=RSS
• https://launchpad.net/bugs/cve/CVE-2016-10906
• https://support.f5.com/csp/article/K01993501?utm_source=f5support&amp%3Butm_medium=RSS
• https://git.kernel.org/linus/c278c253f3d992c6994d08aa0efb2b6806ca396f
• https://security-tracker.debian.org/tracker/CVE-2016-10906
• https://ubuntu.com/security/notices/USN-4163-1
• https://ubuntu.com/security/notices/USN-4163-2
• https://www.cve.org/CVERecord?id=CVE-2016-10906
• https://nvd.nist.gov/vuln/detail/CVE-2016-10906
• https://git.kernel.org/linus/e4f2379db6c6823c5d4a4c2c912df00c65de51d7
• https://ubuntu.com/security/CVE-2016-10906

Parent vulnerabilities

(Appears in the following advisories)

• USN-4163-1
• USN-4163-2

Frequently Asked Questions

• What is the vulnerability ID for this issue?

  The vulnerability ID for this issue is CVE-2016-10906.

• What is the description of the vulnerability?

  The vulnerability is a use-after-free caused by a race condition between the functions arc_emac_tx and arc_emac_tx_clean in the Linux kernel before version 4.5.

• What software versions are affected by this vulnerability?

  Software versions before Linux kernel version 4.5 are affected by this vulnerability.

• How can I fix this vulnerability?

  To fix this vulnerability, update your Linux kernel to version 4.5 or later.

• Where can I find more information about this vulnerability?

  You can find more information about this vulnerability at the following references: [1] [2] [3].