Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Alert - Linux Kernel Vulnerability

Number: AL16-019
Date: 21 October 2016

Purpose

The purpose of this alert is to bring attention to a recently disclosed vulnerability in the Linux kernel.

Assessment

CCIRC is aware of a recently disclosed vulnerability in the Linux kernel. Identified as CVE-2016-5195, this vulnerability can allow root privilege escalation in the Linux kernel environment.

CVE Reference: CVE-2016-5195
Affected Kernel Version: 3.9 and higher

Suggested Action

Due to the potential risk presented by this vulnerability, CCIRC recommends that system administrators watch for vendor-released updates of affected Linux kernel versions.

References:

Date modified: