← back
CVE-2016-8655

CVE-2016-8655

EPSS 11.1%

Patch soon. has a working public exploit.

Vexday Risk Score
43Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Popular PoC on GitHub (12 stars) — exploitation code widely available.
CVSS EPSS 11.1%KEV nãoPoC públicaNuclei Metasploit simPatch referenciado
Lifecycle
12 Aug 2016Metasploit module available
06 Dec 2016Public PoC
08 Dec 2016Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.