The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook.
References
Configurations
History
21 Nov 2024, 02:55
Type | Values Removed | Values Added |
---|---|---|
References | () http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30a46a4647fd1df9cf52e43bf467f0d9265096ca - Issue Tracking, Patch | |
References | () http://marc.info/?l=linux-kernel&m=146793642811929&w=2 - Third Party Advisory | |
References | () http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.5 - Release Notes | |
References | () http://www.openwall.com/lists/oss-security/2016/07/09/2 - Mailing List, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/91696 - Third Party Advisory, VDB Entry | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1354383 - Issue Tracking | |
References | () https://github.com/torvalds/linux/commit/30a46a4647fd1df9cf52e43bf467f0d9265096ca - Issue Tracking, Patch |
Information
Published : 2016-08-06 20:59
Updated : 2024-11-21 02:55
NVD link : CVE-2016-6187
Mitre link : CVE-2016-6187
CVE.ORG link : CVE-2016-6187
JSON object : View
Products Affected
linux
- linux_kernel