Security Advisory

CVE-2016-7097

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2016-10-16 21:00:00

Last updated 2024-08-06 01:50:47

Assigner redhat

State PUBLISHED

Description

The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.

← Browse all CVEs View on cve.org ↗