CVE-2016-9794: Use After Free
First published: Mon Dec 05 2016(Updated: )
A use-after-free vulnerability was found in ALSA pcm layer, which allows local users to cause a denial of service, memory corruption or possibly other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. References: <a href="https://patchwork.kernel.org/patch/8752621/">https://patchwork.kernel.org/patch/8752621/</a> Upstream patch: <a href="https://github.com/torvalds/linux/commit/3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4">https://github.com/torvalds/linux/commit/3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4</a> CVE-ID request+assign: <a href="http://seclists.org/oss-sec/2016/q4/575">http://seclists.org/oss-sec/2016/q4/575</a>
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | <3.2.85 | |
| Linux Kernel | >=3.3<3.10.105 | |
| Linux Kernel | >=3.11<3.12.69 | |
| Linux Kernel | >=3.13<3.16.40 | |
| Linux Kernel | >=3.17<3.18.52 | |
| Linux Kernel | >=3.19<4.4.37 | |
| Linux Kernel | >=4.5<4.7 | |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.15-1 | |
| Android |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?id=a27178e05b7c332522df40904f27674e36ee3757
- https://source.android.com/docs/security/bulletin/2017-05-01 (Advisory)
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00057.html
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00062.html
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00072.html
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00075.html
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00081.html
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00088.html
- http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00091.html
- http://rhn.redhat.com/errata/RHSA-2016-2574.html
- http://www.openwall.com/lists/oss-security/2016/12/03/2
- http://www.securityfocus.com/bid/94654
- https://bugzilla.redhat.com/show_bug.cgi?id=1401494
- https://github.com/torvalds/linux/commit/3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4
- https://patchwork.kernel.org/patch/8752621/
- https://source.android.com/security/bulletin/2017-05-01
- http://seclists.org/oss-sec/2016/q4/575
- https://access.redhat.com/support/policy/updates/errata/
- https://git.kernel.org/linus/3aa02cb664c5fb1042958c8d1aa8c35055a2ebc4
- http://seclists.org/oss-sec/2016/q4/576
- https://security-tracker.debian.org/tracker/CVE-2016-9794
Frequently Asked Questions
What is the severity of CVE-2016-9794?
CVE-2016-9794 is considered a high severity vulnerability due to potential for denial of service and memory corruption.
How do I fix CVE-2016-9794?
To fix CVE-2016-9794, update your Linux kernel to a version higher than 4.7 or install the recommended Debian packages.
Which systems are affected by CVE-2016-9794?
CVE-2016-9794 affects multiple versions of the Linux kernel and Android systems prior to updates that address the vulnerability.
What are the potential impacts of CVE-2016-9794?
The potential impacts of CVE-2016-9794 include denial of service, memory corruption, and possibly privilege escalation.
Can CVE-2016-9794 affect my Android device?
Yes, CVE-2016-9794 can affect Android devices running vulnerable versions of the operating system.
- agent/type
- agent/first-publish-date
- agent/references
- agent/remedy
- agent/author
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-9794
- agent/last-modified-date
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/weakness
- agent/tags
- agent/event
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/android-source
- source/Android
- vendor/linux
- canonical/linux kernel
- version/linux kernel/3.3
- version/linux kernel/3.11
- version/linux kernel/3.13
- version/linux kernel/3.17
- version/linux kernel/3.19
- version/linux kernel/4.5
- package-manager/debian
- vendor/google
- canonical/android