REDHAT-BUG-1354383
First published: Mon Jul 11 2016(Updated: )
A vulnerability leading to a local privilege escalation was found in apparmor in the Linux kernel. When proc_pid_attr_write() was changed to use memdup_user apparmor's (interface violating) assumption that the setprocattr buffer was always a single page was violated. Upstream pull request: <a href="http://marc.info/?l=linux-kernel&m=146793642811929&w=2">http://marc.info/?l=linux-kernel&m=146793642811929&w=2</a> Upstream fix: <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a46a4647fd1df9cf52e43bf467f0d9265096ca">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a46a4647fd1df9cf52e43bf467f0d9265096ca</a> References: <a href="http://seclists.org/oss-sec/2016/q3/30">http://seclists.org/oss-sec/2016/q3/30</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux kernel | ||
| Ubuntu AppArmor |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://marc.info/?l=linux-kernel&m=146793642811929&w=2
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a46a4647fd1df9cf52e43bf467f0d9265096ca
- http://seclists.org/oss-sec/2016/q3/30
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1354385
- https://bugzilla.redhat.com/show_bug.cgi?id=1354383
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-6187
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/linux
- canonical/linux kernel
- vendor/apparmor
- canonical/ubuntu apparmor