The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer dereference and system crash) or possibly gain privileges by leveraging CLONE_NEWUSER support to execute a crafted SOCK_RAW application.
git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79462ad02e861803b3840cc782248c7359451cd9
lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html
lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html
lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
rhn.redhat.com/errata/RHSA-2016-0855.html
rhn.redhat.com/errata/RHSA-2016-2574.html
rhn.redhat.com/errata/RHSA-2016-2584.html
www.debian.org/security/2015/dsa-3426
www.debian.org/security/2016/dsa-3434
www.openwall.com/lists/oss-security/2015/12/09/5
www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
www.securityfocus.com/bid/79698
www.securitytracker.com/id/1034892
www.ubuntu.com/usn/USN-2886-1
www.ubuntu.com/usn/USN-2888-1
www.ubuntu.com/usn/USN-2890-1
www.ubuntu.com/usn/USN-2890-2
www.ubuntu.com/usn/USN-2890-3
bugzilla.redhat.com/show_bug.cgi?id=1290475
github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9