F5 Networks BIG-IP : Linux kernel vulnerability (K55672042)
Medium Nessus Plugin ID 94206
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command. (CVE-2016-4470)
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K55672042.