CVE-2016-9806
EUVD-2016-10607
28.12.2016, 07:59
Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 3.12 ≤ 𝑥 < 3.12.62 |
| linux | linux_kernel | 3.13 ≤ 𝑥 < 3.14.73 |
| linux | linux_kernel | 3.15 ≤ 𝑥 < 3.16.37 |
| linux | linux_kernel | 3.17 ≤ 𝑥 < 3.18.37 |
| linux | linux_kernel | 3.19 ≤ 𝑥 < 4.1.28 |
| linux | linux_kernel | 4.2 ≤ 𝑥 < 4.4.14 |
| linux | linux_kernel | 4.5 ≤ 𝑥 < 4.6.3 |
𝑥 = Vulnerable software versions
Debian Releases
Ubuntu Releases
| Ubuntu Product |
|---|
| linux |
| linux-armadaxp |
| linux-aws |
| linux-flo |
| linux-gke |
| linux-goldfish |
| linux-grouper |
| linux-hwe |
| linux-hwe-edge |
| linux-linaro-omap |
| linux-linaro-shared |
| linux-linaro-vexpress |
| linux-lts-quantal |
| linux-lts-raring |
| linux-lts-saucy |
| linux-lts-trusty |
| linux-lts-utopic |
| linux-lts-vivid |
| linux-lts-wily |
| linux-lts-xenial |
| linux-maguro |
| linux-mako |
| linux-manta |
| linux-qcm-msm |
| linux-raspi2 |
| linux-snapdragon |
| linux-ti-omap4 |
References