MNBSD-2016-0: Linux emulation futex robust list handling accesses incorrect memory

Severity: Unknown

Affected Package: kernel

Summary: Linux emulation futex robust list handling accesses incorrect memory

Description

A programming error in the handling of Linux futex robust lists could result in incorrect memory locations being accessed. A local attacker could manipulate a linux_robust_list_head structure via a futex to read portions of kernel memory, potentially leading to privilege escalation. Only systems using the Linux binary compatibility layer are affected. Fixed in the 0.7.3 release.

Affected Versions

kernel

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2016-1880

Published: January 14, 2016
Last Modified: January 14, 2016