[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2017-786 ---- kernel perf

ID: oval:org.secpod.oval:def:1600494Date: (C)2017-01-27   (M)2023-12-20
Class: PATCHFamily: unix




The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 .

Platform:
Amazon Linux AMI
Product:
kernel
perf
Reference:
ALAS-2017-786
CVE-2016-10088
CVE    1
CVE-2016-10088
CPE    4
cpe:/o:amazon:linux
cpe:/o:linux:linux_kernel
cpe:/a:perf:perf
cpe:/o:linux:linux_kernel:4.9
...

© SecPod Technologies