CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
65.8%
This update is based on upstream 4.4.39 and fixes at least the following security issues: Due to lack of size checking on ICMP header length, it is possible to cause out-of-bounds read on stack (CVE-2016-8399) A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (CVE-2016-9576). A use-after-free vulnerability was found in ALSA pcm layer, which allows local users to cause a denial of service, memory corruption, or possibly other unspecified impact (CVE-2016-9794). Other fixes in this update: - fix for HID gamepad DragonRise (mga#19853) - fix for radeon driver crashing on Dell Precision M4800 (mga#19892) For other upstream fixes in this update, see the referenced changelogs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | kernel | < 4.4.39-1 | kernel-4.4.39-1.mga5 |
Mageia | 5 | noarch | kernel-userspace-headers | < 4.4.39-1 | kernel-userspace-headers-4.4.39-1.mga5 |
Mageia | 5 | noarch | kmod-vboxadditions | < 5.1.10-3.1 | kmod-vboxadditions-5.1.10-3.1.mga5 |
Mageia | 5 | noarch | kmod-virtualbox | < 5.1.10-3.1 | kmod-virtualbox-5.1.10-3.1.mga5 |
Mageia | 5 | noarch | kmod-xtables-addons | < 2.10-18 | kmod-xtables-addons-2.10-18.mga5 |
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
65.8%