CVE

CVE-2016-7097 (linux_kernel)

CVE-2016-7097 (linux_kernel)

The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.

Source: CVE-2016-7097 (linux_kernel)

Exit mobile version