[USN-3147-1] Linux kernel vulnerabilities
Severity
High
CVEs
2
Several security issues were fixed in the kernel.
Andreas Gruenbacher and Jan Kara discovered that the filesystem
implementation in the Linux kernel did not clear the setgid bit during a
setxattr call. A local attacker could use this to possibly elevate group
privileges. (CVE-2016-7097)
Marco Grassi discovered that the driver for Areca RAID Controllers in the
Linux kernel did not properly validate control messages. A local attacker
could use this to cause a denial of service (system crash) or possibly gain
privileges. (CVE-2016-7425)
- ID
- USN-3147-1
- Severity
- high
- Severity from
- CVE-2016-7425
- URL
- https://ubuntu.com/security/notices/USN-3147-1
- Published
-
2016-11-30T20:45:43
(7 years ago) - Modified
-
2016-11-30T20:45:43
(7 years ago) - Other Advisories
-
- ALAS-2017-805
- DSA-3696-1
- ELSA-2017-0817
- ELSA-2017-1842
- ELSA-2017-3533
- ELSA-2017-3534
- ELSA-2017-3535
- ELSA-2017-3596
- FEDORA-2016-f3d1f79398
- FEDORA-2017-6cc158c193
- FEDORA-2017-81fbd592d4
- RHSA-2017:0817
- RHSA-2017:1842
- RHSA-2017:2077
- SUSE-SU-2016:2912-1
- SUSE-SU-2016:2976-1
- SUSE-SU-2016:3069-1
- SUSE-SU-2016:3304-1
- SUSE-SU-2017:0181-1
- SUSE-SU-2017:0333-1
- SUSE-SU-2017:0471-1
- SUSE-SU-2017:0494-1
- SUSE-SU-2017:1102-1
- USN-3144-1
- USN-3144-2
- USN-3145-1
- USN-3145-2
- USN-3146-1
- USN-3146-2
- USN-3161-3
- USN-3161-4
- USN-3162-2
- USN-3422-1
- USN-3422-2
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |