CVE-2016-10044
CVSS v3.1
7.8 (High)
CVSS v2.0
7.2 (High)
EPSS
0.04 % (5th)
Affected Products
2
Advisories
6
The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux WX policy restrictions, and consequently gain privileges, via an io_setup system call.
Weaknesses
- CWE-264
- Permissions, Privileges, and Access Controls
- CVE Status
- PUBLISHED
- CNA
- Android (associated with Google Inc. or Open Handset Alliance)
- Published Date
-
2017-02-07 07:59:00
(7 years ago) - Updated Date
-
2023-01-17 21:40:37
(20 months ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...