AppArmor setprocattr Buffer Overflow Vulnerability
CVE-2016-6187 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.