• Status Closed
  • Percent Complete
  • Task Type Outdated package
  • Category core
  • Assigned To Francesco Marinucci (FranzMari)
  • Operating System
  • Severity Critical
  • Priority Normal
  • Reported Version
  • Due in Version Undecided
  • Due Date Undecided
Attached to Project: Packages
Opened by gnastyle (gnastyle) - 2016-12-08
Last edited by Francesco Marinucci (FranzMari) - 2017-12-10

FS#1775 - linux CVE-2016-8655

Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.

Very bad TBH.

Update to 4.8.13 at least.

This task does not depend on any other tasks.

Closed by  Francesco Marinucci (FranzMari)
Sunday, 10 December 2017, 17:02 GMT
Reason for closing:  Updated
Additional comments about closing:  we now provide linux 4.13.11
Kardos László (lacesz)
Tuesday, 21 March 2017, 13:21 GMT
Please upgrade kernel 4.10.4 LTS!

This linux kernel 4.8.6 is outdated!