Vulnerabilities

CVE-2016-7118

by Fred · 31/08/2016

fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in the linux-image package 3.2.0-4 (kernel 3.2.81-1) in Debian wheezy mishandles F_SETFL fcntl calls on directories, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via standard filesystem operations, as demonstrated by scp from an AUFS filesystem.

Date published : 2016-08-31

http://www.securityfocus.com/bid/92697

http://seclists.org/oss-sec/2016/q3/395

Related

Tags: Cybersecurity Alert