CVE-2016-10044 in Kernelinfo

Summary

The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

12/26/2016

Disclosure

02/07/2017

Moderation

VulDB entry created

Entries

VDB-96586 (1)

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

6.5

EPSS

0.00005

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-10044
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-10044
CVE Details	https://www.cvedetails.com/cve/CVE-2016-10044/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!