CVE 2016-7097
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.
Related bugs and status
CVE-2016-7097 (Candidate) is related to these bugs:
Bug #1239087: Safely remove is not working (or broken) in Gnome Disks
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1239087 | Safely remove is not working (or broken) in Gnome Disks | gnome-disk-utility (Ubuntu) | Undecided | New |
Bug #792085: Automatic remount of safely removed USB 3.0 drive
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
792085 | Automatic remount of safely removed USB 3.0 drive | linux (Fedora) | Undecided | Fix Released | ||
792085 | Automatic remount of safely removed USB 3.0 drive | linux (openSUSE) | Medium | Fix Released | ||
792085 | Automatic remount of safely removed USB 3.0 drive | linux (Ubuntu) | Medium | Fix Released | ||
792085 | Automatic remount of safely removed USB 3.0 drive | linux (Ubuntu Yakkety) | Medium | Fix Released | ||
792085 | Automatic remount of safely removed USB 3.0 drive | linux (Ubuntu Xenial) | Medium | Fix Released | ||
792085 | Automatic remount of safely removed USB 3.0 drive | linux (Ubuntu Trusty) | Medium | Triaged |
Bug #1700972: Please only recommend or suggest initramfs-tools | linux-initramfs-tool for kernels able to boot without initramfs
Bug #1712345: sort ABI files with C.UTF-8 locale
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1712345 | sort ABI files with C.UTF-8 locale | linux (Ubuntu) | Undecided | Fix Released | ||
1712345 | sort ABI files with C.UTF-8 locale | linux (Ubuntu Artful) | Undecided | Fix Released | ||
1712345 | sort ABI files with C.UTF-8 locale | linux (Ubuntu Precise) | Undecided | Won't Fix | ||
1712345 | sort ABI files with C.UTF-8 locale | linux (Ubuntu Trusty) | Undecided | Fix Released | ||
1712345 | sort ABI files with C.UTF-8 locale | linux (Ubuntu Vivid) | Undecided | Won't Fix | ||
1712345 | sort ABI files with C.UTF-8 locale | linux (Ubuntu Xenial) | Undecided | Fix Released | ||
1712345 | sort ABI files with C.UTF-8 locale | linux (Ubuntu Zesty) | Undecided | Fix Released |
Bug #1713456: linux: 3.13.0-130.179 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1713456 | linux: 3.13.0-130.179 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Confirmed | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | New | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | New | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Confirmed | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | In Progress | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Confirmed | ||
1713456 | linux: 3.13.0-130.179 -proposed tracker | linux (Ubuntu Trusty) | Undecided | Fix Released |
Bug #1715439: linux: 3.13.0-131.180 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1715439 | linux: 3.13.0-131.180 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | In Progress | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | New | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | New | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
1715439 | linux: 3.13.0-131.180 -proposed tracker | linux (Ubuntu Trusty) | Undecided | Fix Released |
Bug #1716634: linux: 3.13.0-132.181 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1716634 | linux: 3.13.0-132.181 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | linux (Ubuntu Trusty) | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow upload-to-ppa | Medium | Invalid | ||
1716634 | linux: 3.13.0-132.181 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.