Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)
Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)
Pengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.4.0-1027.33", "binary_name": "linux-headers-4.4.0-1027-raspi2" }, { "binary_version": "4.4.0-1027.33", "binary_name": "linux-image-4.4.0-1027-raspi2" }, { "binary_version": "4.4.0-1027.33", "binary_name": "linux-image-4.4.0-1027-raspi2-dbgsym" }, { "binary_version": "4.4.0-1027.33", "binary_name": "linux-raspi2-headers-4.4.0-1027" }, { "binary_version": "4.4.0-1027.33", "binary_name": "linux-raspi2-tools-4.4.0-1027" }, { "binary_version": "4.4.0-1027.33", "binary_name": "linux-raspi2-tools-4.4.0-1027-dbgsym" }, { "binary_version": "4.4.0-1027.33", "binary_name": "linux-tools-4.4.0-1027-raspi2" } ] }