MNBSD-2016-1: Linux emulation setgroups(2) can overwrite kernel memory

Severity: Unknown

Affected Package: kernel

Summary: Linux emulation setgroups(2) can overwrite kernel memory

Description

A programming error in the Linux compatibility layer setgroups(2) system call could lead to unexpected results such as overwriting random kernel memory contents. A local user could exploit this for a denial of service or potential privilege escalation. Only systems using the Linux binary compatibility layer are affected. Fixed in the 0.7.3 release.

Affected Versions

kernel

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2016-1881

Published: January 14, 2016
Last Modified: January 14, 2016