Advisories » MGASA-2016-0032

Updated kernel-tmb packages fix security vulnerability

Publication date: 21 Jan 2016
Modification date: 21 Jan 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-0728

Description

Perception Point Research Team found a reference leak in keyring in
join_session_keyring() that can be exploited to successfully escalate
privileges from a local user to root (CVE-2016-0728).

Other fixes in this kernel update:
- netfilter: nf_nat_redirect: add missing NULL pointer check
                

References

• https://bugs.mageia.org/show_bug.cgi?id=17553
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0728

SRPMS

5/core

• kernel-tmb-4.1.15-2.mga5