AppArmor setprocattr Buffer Overflow Vulnerability

AppArmor setprocattr Buffer Overflow Vulnerability

CVE-2016-6187 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.