CVE-2016-10229 linux

Metadata

critical
10.0
linux
CVE-2016-10229
2017-06-18 07:51
ALAS-2017-832
CVE-2016-10229
2017-06-16 19:17
2017-04-12 05:03
2017-04-05 05:03
2017-04-04 07:03

Description

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
buster linux 4.5.1-1
jessie linux 3.16.7-ckt20-1+deb8u2
sid linux 4.5.1-1
stretch linux 4.5.1-1
wheezy linux 3.2.73-2+deb7u2