Linux Kernel version 4.8 on Ubuntu 16.04 suffers from an sctp kernel pointer leak vulnerability.
4328864d04016b724c3257548f9385b9def968488b0edc973e5ba71afba92a2b
Red Hat Security Advisory 2017-2931-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket could use this flaw to elevate their privileges on the system.
edba1cdf75883b0afd4147a1b9b0f8c787387b79a168379d1cee80de73ebe1ea
Red Hat Security Advisory 2017-2930-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket could use this flaw to elevate their privileges on the system.
e290a5f1dc4b6935b2c09d9c88039750f701a314dff84bdf0a026e7c338e354d
Red Hat Security Advisory 2017-2918-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: Out-of-bounds kernel heap access vulnerability was found in xfrm, kernel's IP framework for transforming packets. An error dealing with netlink messages from an unprivileged user leads to arbitrary read/write and privilege escalation. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket could use this flaw to elevate their privileges on the system.
668de5ec7c2ffb14d70f655cc1fae90c9916874f80e9a59e8ec1cecdaf1fa43b