CVE-2016-10153

Name of the Vulnerable Software and Affected Versions Linux kernel versions 4.9.x through 4.9.5

Description The issue is related to the crypto scatterlist API in the Linux kernel, which interacts incorrectly with the CONFIG VMAP STACK option. This can allow local users to cause a denial of service, such as a system crash or memory corruption, by leveraging reliance on earlier net/ceph/crypto.c code. The vulnerability is associated with resource management errors.

Recommendations For Linux kernel versions 4.9.x through 4.9.5, update to version 4.9.6 or later to resolve the issue. As a temporary workaround, consider disabling the CONFIG VMAP STACK option until a patch is available. Restrict access to the crypto scatterlist API to minimize the risk of exploitation. Avoid using the affected net/ceph/crypto.c code in the API endpoint until the issue is resolved.