Security December 7, 2016: Linux Kernel Security Vulnerability CVE-2016-8655

eva2000 · Dec 7, 2016

Another Linux Kernel Security Vulnerability - CVE-2016-8655 which allows local root user alleviated privileges. Doesn't affect Redhat/CentOS 5 or 6 but does affect Redhat and CentOS 7.x but not for default RH/CentOS 7 setups (see below info). Bug report at Bug 1400019 – CVE-2016-8655 kernel: Race condition in packet_set_ring leads to use after free

Waiting on CentOS and Redhat to release updated Kernel for CentOS 7.x

Probably good time to look into KernelCare

CVE-2016-8655
Impact:
Important
Public Date:
2016-12-06
CWE:
CWE-362->CWE-416
Bugzilla:
1400019: CVE-2016-8655 kernel: Race condition in packet_set_ring leads to use after free
A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKET_V3 ring buffer. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system.

Find out more about CVE-2016-8655 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement
This issue does not affect Red Hat Enterprise Linux 5 and 6.

This issue does affect Red Hat Enterprise Linux 7 and Red Hat Enterprise MRG 2. Future updates for the respective releases may address this issue.

Please note that in order to exploit this issue the attacker needs CAP_NET_RAW capability and hence the issue cannot be exploited in the default setup on Red Hat Enterprise Linux 7 as Red Hat Enterprise Linux 7 does not have unprivileged user namespaces enabled by default. CAP_NET_RAW capability needs to be granted by the administrator to the attacker's account.
Click to expand...

Log in / Register

Forums

Join the community today

Security December 7, 2016: Linux Kernel Security Vulnerability CVE-2016-8655

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Join the community today

Security December 7, 2016: Linux Kernel Security Vulnerability CVE-2016-8655

eva2000 Administrator Staff Member

.