Security News > 2016 > January > 0-day in Linux kernel endangers Linux servers, Android devices (Help Net Security)

0-day in Linux kernel endangers Linux servers, Android devices (Help Net Security)

2016-01-20 14:36

A serious and pretty longstanding flaw in the Linux kernel has been recently discovered by researchers from infosec outfit Perception Point. The vulnerability (CVE-2016-0728) is caused by a referen...

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/vfBAj8ipdRg/secworld.php

#0day #android #kernel #linux #security #server #CVE-2016-0728

Related news

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2016-02-08	CVE-2016-0728	The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. local low complexity google hp linux debian canonical	7.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Linux		18	378	1446	1139	696	3659
Android		4	0	17	2	0	19
Kernel		4	2	8	5	0	15

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.