7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
7.8%
Severity: High
Date : 2016-12-06
CVE-ID : CVE-2016-8655
Package : linux-lts
Type : privilege escalation
Remote : No
Link : https://wiki.archlinux.org/index.php/CVE
The package linux-lts before version 4.4.36-1 is vulnerable to
privilege escalation.
Upgrade to 4.4.36-1.
The problem has been fixed upstream but no release is available yet.
None.
Philip Pettersson discovered a race condition in the af_packet
implementation in the Linux kernel. A local unprivileged attacker could
use this to cause a denial of service (system crash) or run arbitrary
code with administrative privileges.
A local unprivileged attacker is able to crash the system or run
arbitrary code with administrative privileges.
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c
http://seclists.org/oss-sec/2016/q4/607
https://access.redhat.com/security/cve/CVE-2016-8655
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
7.8%