Vulnerabilities

CVE-2016-9576

by Fred · 28/12/2016

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.

Date published : 2016-12-28

http://www.securityfocus.com/bid/94821

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0

Similar

Tags: Cybersecurity Alert