USN-3189-1

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2016-10147 CVE-2016-8399 UBUNTU-CVE-2016-10147 UBUNTU-CVE-2016-8399

Published: 03 Feb 2017, 09:12

Last modified:22 Apr 2026, 09:32

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

03 Feb 2017, 09:12

Published

Vulnerability first disclosed

22 Apr 2026, 09:32

Last Modified

Vulnerability information updated

Description

linux, linux-raspi2, linux-snapdragon vulnerabilities Mikulas Patocka discovered that the asynchronous multibuffer cryptographic daemon (mcryptd) in the Linux kernel did not properly handle being invoked with incompatible algorithms. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-10147) Qidan He discovered that the ICMP implementation in the Linux kernel did not properly check the size of an ICMP header. A local attacker with CAP_NET_ADMIN could use this to expose sensitive information. (CVE-2016-8399)

Affected Systems

ubuntu•linux
< 4.4.0-62.83
ubuntu•linux-raspi2
< 4.4.0-1042.49
ubuntu•linux-snapdragon
< 4.4.0-1046.50

USN-3189-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)