Wind River Support Network

HomeDefectsSCP7-460

Fixed

SCP7-460 : Security Advisory - linux - CVE-2016-7097

Created: Oct 25, 2016 Updated: Sep 8, 2018

Resolved Date: Dec 29, 2016

Found In Version: 7.0.0.20

Fix Version: 7.0.0.23

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Kernel

Description

The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7097

Other Downloads

Wind River Linux SCP 7.0.0.23
Wind River Linux SCP 7.0.0.24
Wind River Linux SCP 7.0.0.25
Wind River Linux SCP 7.0.0.26
Wind River Linux SCP 7.0.0.27
Wind River Linux SCP 7.0.0.28
Wind River Linux SCP 7.0.0.29
Wind River Linux SCP 7.0.0.30
Wind River Linux SCP 7.0.0.31