阿里云漏洞库

Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。

Android和其他产品中使用的Linux kernel 4.3.2及之前版本中的networking实现过程中存在安全漏洞。由于程序未能验证协议族的协议标识符。本地攻击者可通过使用CLONE_NEWUSER支持运行特制的SOCK_RAW应用，利用该漏洞拒绝服务（空指针逆向引用和系统崩溃）。

用户可联系供应商获得补丁信息：
https://www.kernel.org/

参考链接
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=794...
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
http://rhn.redhat.com/errata/RHSA-2016-0855.html
http://rhn.redhat.com/errata/RHSA-2016-2574.html
http://rhn.redhat.com/errata/RHSA-2016-2584.html
http://www.debian.org/security/2015/dsa-3426
http://www.debian.org/security/2016/dsa-3434
http://www.openwall.com/lists/oss-security/2015/12/09/5
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.securityfocus.com/bid/79698
http://www.securitytracker.com/id/1034892
http://www.ubuntu.com/usn/USN-2886-1
http://www.ubuntu.com/usn/USN-2888-1
http://www.ubuntu.com/usn/USN-2890-1
http://www.ubuntu.com/usn/USN-2890-2
http://www.ubuntu.com/usn/USN-2890-3
https://bugzilla.redhat.com/show_bug.cgi?id=1290475
https://github.com/torvalds/linux/commit/79462ad02e861803b3840cc782248c7359451cd9

CWE-ID	漏洞类型
NVD-CWE-Other