SUSE CVE-2016-10044

The aiomount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an iosetup system call...

DEBIAN-CVE-2016-10044

The aiomount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an iosetup system call...

UBUNTU-CVE-2016-10044

The aiomount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an iosetup system call...

The vulnerability of the SELinux security mechanism, which allows a perpetrator to circumvent existing access restrictions

The vulnerability of the SELinux security mechanism is related to code errors. Exploiting this vulnerability can allow an attacker, who operates locally, to gain access to memory with write and execute privileges by manipulating system calls such as iosetup, ioctxalloc, and aiosetupring...

PT-2016-3140 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.7.7 Description: The issue is related to the aio mount function in fs/aio.c, which does not properly restrict execute access. This allows a local attacker to bypass intended SELinux W^X policy restrictions and...