Slackware Linux update for kernel

1) Use-after-free

EUVDB-ID: #VU90824

Risk: Low

CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear]

CVE-ID: CVE-2016-8655

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to a use-after-free error within the packet_setsockopt() and packet_set_ring() functions in net/packet/af_packet.c. A local user can execute arbitrary code.

Mitigation

Update the affected package kernel.

Vulnerable software versions

Slackware Linux: 14.2

linux-4.4.38/kernel-modules: All versions

linux-4.4.38/kernel-huge: All versions

linux-4.4.38/kernel-generic: All versions

linux-4.4.38/kernel-headers: All versions

CPE2.3

• cpe:2.3:o:slackware:slackware_linux:14.2:*:*:*:*:*:*:*
• cpe:2.3:a:slackware:linux-4_4_38_kernel-modules:*:*:*:*:*:slackware_linux:*:*
• cpe:2.3:a:slackware:linux-4_4_38_kernel-huge:*:*:*:*:*:slackware_linux:*:*
• cpe:2.3:a:slackware:linux-4_4_38_kernel-generic:*:*:*:*:*:slackware_linux:*:*
• cpe:2.3:a:slackware:linux-4_4_38_kernel-headers:*:*:*:*:*:slackware_linux:*:*

External links

https://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.931787

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.