First published: Fri Jun 24 2016(Updated: )
A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitary kernel memory when unloading a kernel module. This action is usually restricted to root-priveledged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated priveledges. This flaw was introduced in commit 52e804c6dfaa, Upstream fixes <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d04">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d04</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb088">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb088</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bdf533de6968">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bdf533de6968</a> Discussion on oss-sec: <a href="http://www.openwall.com/lists/oss-security/2016/06/24/5">http://www.openwall.com/lists/oss-security/2016/06/24/5</a>
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | >=2.6.17<3.2.80 | |
Linux Linux kernel | >=3.3<3.10.103 | |
Linux Linux kernel | >=3.11<3.12.62 | |
Linux Linux kernel | >=3.13<3.14.73 | |
Linux Linux kernel | >=3.15<3.16.37 | |
Linux Linux kernel | >=3.17<3.18.37 | |
Linux Linux kernel | >=3.19<4.1.28 | |
Linux Linux kernel | >=4.2<4.4.14 | |
Linux Linux kernel | >=4.5<4.6.3 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =15.10 | |
Canonical Ubuntu Linux | =16.04 | |
Novell Suse Linux Enterprise Software Development Kit | =12.0 | |
Novell Suse Linux Enterprise Software Development Kit | =12.0-sp1 | |
Novell Suse Linux Enterprise Desktop | =12.0 | |
Novell Suse Linux Enterprise Desktop | =12.0-sp1 | |
Novell Suse Linux Enterprise Live Patching | =12.0 | |
Novell Suse Linux Enterprise Module For Public Cloud | =12.0 | |
Novell Suse Linux Enterprise Real Time Extension | =12.0-sp1 | |
Novell Suse Linux Enterprise Server | =12.0 | |
Novell Suse Linux Enterprise Server | =12.0-sp1 | |
Novell Suse Linux Enterprise Workstation Extension | =12.0 | |
Novell Suse Linux Enterprise Workstation Extension | =12.0-sp1 | |
Oracle Linux | =7 | |
Debian Debian Linux | =8.0 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.10-1 6.12.5-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.