Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-9794)
Andrey Konovalov discovered that signed integer overflows existed in the setsockopt() system call when handling the SOSNDBUFFORCE and SORCVBUFFORCE options. A local attacker with the CAPNETADMIN capability could use this to cause a denial of service (system crash or memory corruption). (CVE-2016-9793)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.4.0-1040.47", "binary_name": "linux-headers-4.4.0-1040-raspi2" }, { "binary_version": "4.4.0-1040.47", "binary_name": "linux-image-4.4.0-1040-raspi2" }, { "binary_version": "4.4.0-1040.47", "binary_name": "linux-image-4.4.0-1040-raspi2-dbgsym" }, { "binary_version": "4.4.0-1040.47", "binary_name": "linux-raspi2-headers-4.4.0-1040" }, { "binary_version": "4.4.0-1040.47", "binary_name": "linux-raspi2-tools-4.4.0-1040" }, { "binary_version": "4.4.0-1040.47", "binary_name": "linux-raspi2-tools-4.4.0-1040-dbgsym" }, { "binary_version": "4.4.0-1040.47", "binary_name": "linux-tools-4.4.0-1040-raspi2" } ] }