ELSA-2016-2006 -- Oracle kernel_python-perf_perfID: oval:org.secpod.oval:def:1501592 | Date: (C)2016-10-05 (M)2023-12-20 |
Class: PATCH | Family: unix |
A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. (CVE-2016-4470, Important). A heap-based buffer overflow vulnerability was found in the Linux kernel's hiddev driver. This flaw could allow a local attacker to corrupt kernel memory, possible privilege escalation or crashing the system. (CVE-2016-5829, Moderate)
Product: |
kernel |
python-perf |
perf |