Users login

Create an account »

JOIN XATRIX

Users login

Home » CVE Vulnerabilities » CVE-2016-10044

CVE-2016-10044 The aio_mount function in fs/aio.c in

  • CVE ID: CVE-2016-10044
  • Vendors: Linux, Google
  • Date: February 07, 2017
  • Severity: High
  • Impact score: 10.00
  • Exploit score: 3.90

The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »