Lucene search
F5F5:K05513373HistoryJan 27, 2017 - 12:00 a.m.
K05513373 : Linux kernel vulnerability CVE-2016-9576
2017-01-2700:00:00
my.f5.com
25
Security Advisory Description
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device. (CVE-2016-9576)
Impact
This vulnerability may allow locally authenticated users to read or write to arbitrary kernel memory locations or cause a denial of service (DoS).
Note: The exploit requires local shell access and can provide a user with root access to the system. On BIG-IP systems, shell access includes root privileges, making this exploit unnecessary.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.5.4 | |
| big-ip afm | eq | 11.5.5 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 |
Related
suse
suse
Security update for the openSUSE Leap 42.1 kernel. (important)
2016-12-12 17:09:01
Security update for the Linux Kernel (important)
2016-12-12 17:06:57
Security update for the Linux Kernel (important)
2016-12-22 18:09:12
cvelist
cvelist
CVE-2016-9576
2016-12-28 07:42:00
CVE-2016-10088
2016-12-30 18:00:00
cve
cve
CVE-2016-9576
2016-12-28 07:59:00
CVE-2016-10088
2016-12-30 18:59:00
openvas
openvas
openSUSE: Security Advisory for kernel (openSUSE-SU-2016:3085-1)
2017-02-22 00:00:00
openSUSE: Security Advisory for kernel (openSUSE-SU-2016:3086-1)
2016-12-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:3188-1)
2021-04-19 00:00:00
ubuntucve
ubuntucve
CVE-2016-9576
2016-12-28 00:00:00
CVE-2016-10088
2016-12-30 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:52:09
nvd
nvd
CVE-2016-9576
2016-12-28 07:59:00
CVE-2016-10088
2016-12-30 18:59:00
debiancve
debiancve
CVE-2016-9576
2016-12-28 07:59:00
CVE-2016-10088
2016-12-30 18:59:00
nessus
nessus
openSUSE Security Update : the Linux Kernel (openSUSE-2016-1438)
2016-12-13 00:00:00
F5 Networks BIG-IP : Linux kernel vulnerability (K05513373)
2017-11-03 00:00:00
redhatcve
redhatcve
CVE-2016-9576
2016-12-09 08:47:27
CVE-2016-10088
2017-01-11 14:47:35
prion
prion
Design/Logic Flaw
2016-12-28 07:59:00
Code injection
2016-12-30 18:59:00
broadcom
broadcom
BSA-2017-304
2017-05-17 00:00:00
f5
f5
K54610514 : Linux kernel vulnerability CVE-2016-10088
2017-01-27 00:00:00
amazon
amazon
Medium: kernel
2017-01-19 16:30:00
Medium: kernel
2017-01-04 17:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: kernel-4.8.13-200.fc24
2016-12-13 02:28:46
[SECURITY] Fedora 23 Update: kernel-4.8.13-100.fc23
2016-12-13 04:22:46
[SECURITY] Fedora 25 Update: kernel-4.8.13-300.fc25
2016-12-13 00:03:27
mageia
mageia
Updated kernel and kmod packages fix security vulnerabilities
2016-12-29 13:29:11
Updated kernel-tmb packages fix security vulnerabilities
2017-01-04 01:05:03
Updated kernel-linus packages fix security vulnerabilities
2017-01-04 01:05:03
archlinux
archlinux
[ASA-201702-18] linux-zen: multiple issues
2017-02-22 00:00:00
[ASA-201702-17] linux: multiple issues
2017-02-22 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2017-02-06 00:00:00
kernel security, bug fix, and enhancement update
2017-03-27 00:00:00
kernel security, bug fix, and enhancement update
2017-08-07 00:00:00
centos
centos
kernel, perf, python security update
2017-03-24 15:34:16
kernel, perf, python security update
2017-08-24 01:38:33
redhat
redhat
(RHSA-2017:0817) Moderate: kernel security, bug fix, and enhancement update
2017-03-21 08:09:43
(RHSA-2017:2669) Important: kernel-rt security and bug fix update
2017-09-06 20:24:03
virtuozzo
virtuozzo
debian
debian
[SECURITY] [DLA 772-1] linux security update
2017-01-01 18:24:51
osv
osv
linux - security update
2017-01-01 00:00:00
ibm
ibm