Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2016-9806

Published: 28/12/2016 Updated: 17/01/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 642
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Linux Kernel

Vulnerability Summary

Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel prior to 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...
Debian CVElist Bug Report Logs: linux-image-3.16.0-4-686-pae: chown removes security.capability xattr on other users' files (CVE-2015-1350)
Debian Bug report logs - #770492 linux-image-3160-4-686-pae: chown removes securitycapability xattr on other users' files (CVE-2015-1350) Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Affects: wireshark-common, iputils-ping, fping Reported by: Ben Harris <bjh21@cama ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the kernel ...
Amazon Linux AMI: ALAS-2016-718
A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems This flaw will allow attackers to alter arbitary kernel memory when unloading a kernel module This action is usually restricted to root-priveledged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS (CVE-2016-4997 ...

References

CWE-362CWE-415https://github.com/torvalds/linux/commit/92964c79b357efd980812c4de5c1fd2ec8bb5520https://bugzilla.redhat.com/show_bug.cgi?id=1401502http://www.openwall.com/lists/oss-security/2016/12/03/4http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3http://lists.openwall.net/netdev/2016/05/15/69http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=92964c79b357efd980812c4de5c1fd2ec8bb5520http://www.securityfocus.com/bid/94653https://source.android.com/security/bulletin/2017-03-01.htmlhttp://www.securitytracker.com/id/1037968https://access.redhat.com/errata/RHSA-2017:2669https://access.redhat.com/errata/RHSA-2017:2077https://access.redhat.com/errata/RHSA-2017:1842https://access.redhat.com/errata/RHSA-2017:1842https://nvd.nist.govhttps://usn.ubuntu.com/3168-1/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651CVE-2024-34255elevation of privilegeCVE-2024-25529CVE-2024-4671NULL pointer dereferenceCVE-2024-25527template injectionCVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook