Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 4.8.15-1linux_4.8.15-1_all.deb
Debian11alllinux< 4.8.15-1linux_4.8.15-1_all.deb
Debian999alllinux< 4.8.15-1linux_4.8.15-1_all.deb
Debian13alllinux< 4.8.15-1linux_4.8.15-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 4.8.15-1	linux_4.8.15-1_all.deb
Debian	11	all	linux	< 4.8.15-1	linux_4.8.15-1_all.deb
Debian	999	all	linux	< 4.8.15-1	linux_4.8.15-1_all.deb
Debian	13	all	linux	< 4.8.15-1	linux_4.8.15-1_all.deb

cve 2

nessus 58

openvas 38

seebug 1

slackware 1

cvelist 2

zdt 3

archlinux 4

ubuntu 10

metasploit 1

ubuntucve 2

packetstorm 1

exploitpack 1

veracode 1

thn 2

f5 2

prion 2

myhack58 2

redhat 3

threatpost 1

redhatcve 1

nvd 2

exploitdb 2

suse 28

debiancve 1

photon 1

googleprojectzero 1

fedora 3

oraclelinux 4

amazon 1

centos 1

mageia 3

ibm 2

osv 1

debian 1

androidsecurity 1

cve

CVE-2016-8655

2016-12-08 08:59:00

CVE-2017-1000111

2017-10-05 01:29:04

nessus

Ubuntu 16.10 : linux vulnerability (USN-3152-1)

2016-12-06 00:00:00

Ubuntu 16.04 LTS : Linux kernel (Qualcomm Snapdragon) vulnerability (USN-3151-3)

2016-12-06 00:00:00

Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerability (USN-3151-2)

2016-12-06 00:00:00

openvas

Slackware: Security Advisory (SSA:2016-347-01)

2022-04-21 00:00:00

Ubuntu: Security Advisory (USN-3152-2)

2016-12-06 00:00:00

Ubuntu: Security Advisory (USN-3149-1)

2016-12-06 00:00:00

seebug

Linux af_packet.c race condition (local root) (CVE-2016-8655)

2016-12-07 00:00:00

slackware

[slackware-security] kernel

2016-12-12 23:10:22

cvelist

CVE-2016-8655

2016-12-08 08:08:00

CVE-2017-1000111

2017-10-04 01:00:00

zdt

Linux Kernel 4.4.0-21 < 4.4.0-51 (Ubuntu 14.04/16.04 x86-64) AF_PACKET Race Condition Privilege

2019-07-26 00:00:00

Linux 4.4.0 < 4.4.0-53 - AF_PACKET chocobo_root Privilege Escalation Exploit

2018-05-23 00:00:00

Linux Kernel 4.4.0 AF_PACKET Race Condition / Privilege Escalation Exploit

2016-12-07 00:00:00

archlinux

[ASA-201612-5] linux-grsec: privilege escalation

2016-12-06 00:00:00

[ASA-201612-6] linux: privilege escalation

2016-12-06 00:00:00

[ASA-201612-7] linux-lts: privilege escalation

2016-12-06 00:00:00

ubuntu

Linux kernel vulnerability

2016-12-05 00:00:00

Linux kernel (Raspberry Pi 2) vulnerability

2016-12-06 00:00:00

Linux kernel (Raspberry Pi 2) vulnerability

2016-12-05 00:00:00

metasploit

AF_PACKET chocobo_root Privilege Escalation

2018-05-07 07:11:07

ubuntucve

CVE-2016-8655

2016-12-05 00:00:00

CVE-2017-1000111

2017-08-10 00:00:00

packetstorm

AF_PACKET chocobo_root Privilege Escalation

2018-05-22 00:00:00

exploitpack

Linux Kernel 4.4.0-21 4.4.0-51 (Ubuntu 14.0416.04 x86-64) - AF_PACKET Race Condition Privilege Escalation

2018-12-29 00:00:00

veracode

Use-After-Free

2019-01-15 09:16:02

thn

5-Year-Old Linux Kernel Local Privilege Escalation Flaw Discovered

2016-12-07 04:41:00

11-Year Old Linux Kernel Local Privilege Escalation Flaw Discovered

2017-02-22 07:08:00

K38472857 : Kernel vulnerability CVE-2016-8655

2016-12-22 00:00:00

K44309215 : Linux kernel vulnerability CVE-2017-1000111

2018-03-14 00:00:00

prion

Race condition

2016-12-08 08:59:00

Heap overflow

2017-10-05 01:29:00

myhack58

UCloud-201612-002: Linux kernel through kill to mention the right vulnerability Security Alert-vulnerability warning-the black bar safety net

2016-12-15 00:00:00

Lurking in 11 years of Linux kernel to mention the right vulnerability-exposure-vulnerability warning-the black bar safety net

2017-02-23 00:00:00

redhat

(RHSA-2017:0402) Important: kernel-rt security, bug fix, and enhancement update

2017-03-02 15:47:05

(RHSA-2017:0386) Important: kernel security, bug fix, and enhancement update

2017-03-02 15:22:31

(RHSA-2017:0387) Important: kernel-rt security and bug fix update

2017-03-02 15:22:34

threatpost

Old Linux Kernel Code Execution Bug Patched

2016-12-08 09:15:57

redhatcve

CVE-2016-8655

2019-10-09 04:21:35

nvd

CVE-2016-8655

2016-12-08 08:59:00

CVE-2017-1000111

2017-10-05 01:29:04

exploitdb

Linux Kernel 4.4.0-21 < 4.4.0-51 (Ubuntu 14.04/16.04 x64) - 'AF_PACKET' Race Condition Privilege Escalation

2018-12-29 00:00:00

Linux 4.4.0 < 4.4.0-53 - 'AF_PACKET chocobo_root' Local Privilege Escalation (Metasploit)

2018-05-22 00:00:00

suse

Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 (important)

2016-12-12 19:09:44

Security update for Linux Kernel Live Patch 7 for SLE 12 SP1 (important)

2016-12-16 19:08:30

Security update for Linux Kernel Live Patch 15 for SLE 12 (important)

2016-12-20 16:07:37

debiancve

CVE-2017-1000111

2017-10-05 01:29:04

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2016-0014

2016-12-15 00:00:00

googleprojectzero

Exploiting the Linux kernel via packet sockets

2017-05-10 00:00:00

fedora

[SECURITY] Fedora 25 Update: kernel-4.8.13-300.fc25

2016-12-13 00:03:27

[SECURITY] Fedora 24 Update: kernel-4.8.13-200.fc24

2016-12-13 02:28:46

[SECURITY] Fedora 23 Update: kernel-4.8.13-100.fc23

2016-12-13 04:22:46

oraclelinux

kernel security, bug fix, and enhancement update

2017-03-03 00:00:00

kernel security, bug fix, and enhancement update

2017-03-02 00:00:00

Unbreakable Enterprise kernel security update

2017-01-12 00:00:00

amazon

Important: kernel

2016-12-06 23:44:00

centos

kernel, perf, python security update

2017-03-06 15:04:15

mageia

Updated kernel packages fixes security vulnerabilities

2016-12-08 10:33:24

Updated kernel-tmb packages fix security vulnerabilities

2017-01-04 01:05:03

Updated kernel-linus packages fix security vulnerabilities

2017-01-04 01:05:03

ibm

Security Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM

2018-06-18 01:37:19

Security Bulletin: IBM QRadar Network Security is affected by vulnerabilities in Linux kernel

2018-06-16 22:02:07

osv

linux - security update

2017-01-01 00:00:00

debian

[SECURITY] [DLA 772-1] linux security update

2017-01-01 18:24:51

androidsecurity

Android Security Bulletin—March 2017

2017-03-06 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.5%

JSON

Related for DEBIANCVE:CVE-2016-8655