CVE-2016-10376 Fedora Security Update for gajim (FEDORA-2017-3c561780c8)

Vulnerability category: Fedora

Severity:

Vulnerability information

Fedora has released a security update for gajim to fix the vulnerability.

Affected OS:
Fedora 24
Fedora 25

Impact

This vulnerability could be exploited to gain partial access to sensitive information.

Solution

Fedora has issued updated packages to fix this vulnerability. Updates can be installed using the yum utility, which can be downloaded from the Fedora Web site.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 24 Update
Fedora 25 Update

Patch:
Following are links for downloading patches to fix the vulnerabilities:

FEDORA-2017-3c561780c8: Fedora 24

FEDORA-2017-3c561780c8: Fedora 25


CVE-2017-8366 Fedora Security Update for ettercap (FEDORA-2017-8722576148)

Vulnerability category: Fedora

Severity:

Vulnerability information

Fedora has released a security update for ettercap to fix the vulnerability.

Affected OS:
Fedora 24
Fedora 25

Impact

This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial contents or configuration on the system. Additionally, this vulnerability can be used to cause a limited denial of service in the form of interruptions in resource availability.

Solution

Fedora has issued updated packages to fix this vulnerability. Updates can be installed using the yum utility, which can be downloaded from the Fedora Web site.

For more information about the vulnerability and obtaining patches, refer to the following Fedora security advisories:
Fedora 24 Update
Fedora 25 Update

Patch:
Following are links for downloading patches to fix the vulnerabilities:

FEDORA-2017-8722576148: Fedora 24

FEDORA-2017-8722576148: Fedora 25


CVE-2017-1000366 Oracle Enterprise Linux Security Update for glibc (ELSA-2017-1481) (Stack Clash)

Vulnerability category: OEL

Severity:

Vulnerability information

Oracle Enterprise Linux has released a security update for glibc to fix the vulnerabilities.

Affected Products:
Oracle Linux 7

Impact

An attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on the process stack or the adjacent memory region, and thus increase their privileges on the system.

Solution

To resolve this issue, upgrade to the latest packages, which contain a patch. Refer to the Oracle Enterprise Linux advisory below for updates and patch information:

Oracle Linux 7

Patch:
Following are links for downloading patches to fix the vulnerabilities:

ELSA-2017-1481: Oracle Linux 7


CVE-2017-1000363 Ubuntu Security Notification for Linux-aws, Linux-meta-aws Vulnerabilities (USN-3331-1)

Vulnerability category: Ubuntu

Severity:

Vulnerability information

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large to prevent overlapping with the heap.

It was discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments.

A reference count bug was discovered in the Linux kernel IPX protocol stack.

A double free bug was discovered in the IPv4 stack of the Linux kernel.

An out-of-bounds read error was discovered in the Linux kernel's IPv6 stack.

A flaw was discovered in the handling of inheritance in the Linux kernel's IPv6 stack.

It was discovered that DCCP v6 in the Linux kernel mishandled inheritance.

It was discovered that the Transmission Control Protocol (TCP) v6 in the Linux kernel mishandled inheritance.

It was discovered that the IPv6 stack performed an overwrite consistency check after the data had already been overwritten.

Impact

An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges. (CVE-2017-1000364)

A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. (CVE-2017-1000363)

A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems. (CVE-2017-7487)

An attacker could use this to cause a denial of service (system crash). (CVE-2017-8890)

A local attacker could cause a denial of service or potentially other unspecified problems. (CVE-2017-9074)

A local user could exploit this issue to cause a denial of service or possibly other unspecified problems. (CVE-2017-9075)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9076)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9077)

A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2017-9242)

Solution

Refer to Ubuntu advisory USN-3331-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3331-1: 16.04 (Xenial) on src (linux-image-4.4.0-1020-aws)


CVE-2017-1000363 Ubuntu Security Notification for Linux-meta-raspi2, Linux-raspi2 Vulnerabilities (USN-3332-1)

Vulnerability category: Ubuntu

Severity:

Vulnerability information

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large to prevent overlapping with the heap.

It was discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments.

A reference count bug was discovered in the Linux kernel IPX protocol stack.

A double free bug was discovered in the IPv4 stack of the Linux kernel.

An out-of-bounds read error was discovered in the Linux kernel's IPv6 stack.

A flaw was discovered in the handling of inheritance in the Linux kernel's IPv6 stack.

It was discovered that DCCP v6 in the Linux kernel mishandled inheritance.

It was discovered that the Transmission Control Protocol (TCP) v6 in the Linux kernel mishandled inheritance.

It was discovered that the IPv6 stack performed an overwrite consistency check after the data had already been overwritten.

Impact

An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges. (CVE-2017-1000364)

A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. (CVE-2017-1000363)

A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems. (CVE-2017-7487)

An attacker could use this to cause a denial of service (system crash). (CVE-2017-8890)

A local attacker could cause a denial of service or potentially other unspecified problems. (CVE-2017-9074)

A local user could exploit this issue to cause a denial of service or possibly other unspecified problems. (CVE-2017-9075)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9076)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9077)

A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2017-9242)

Solution

Refer to Ubuntu advisory USN-3332-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3332-1: 16.04 (Xenial) on src (linux-image-4.4.0-1059-raspi2)

USN-3332-1: 16.04 (Xenial) on src (linux-image-raspi2)


CVE-2017-1000363 Ubuntu Security Notification for Linux-hwe, Linux-meta-hwe Vulnerabilities (USN-3333-1)

Vulnerability category: Ubuntu

Severity:

Vulnerability information

It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel.

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large to prevent overlapping with the heap.

It was discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments.

It was discovered that the VideoCore DRM driver in the Linux kernel did not return an error after detecting certain overflows.

A double free bug was discovered in the IPv4 stack of the Linux kernel.

An out-of-bounds read error was discovered in the Linux kernel's IPv6 stack.

A flaw was discovered in the handling of inheritance in the Linux kernel's IPv6 stack.

It was discovered that DCCP v6 in the Linux kernel mishandled inheritance.

It was discovered that the Transmission Control Protocol (TCP) v6 in the Linux kernel mishandled inheritance.

It was discovered that the IPv6 stack performed an overwrite consistency check after the data had already been overwritten.

Impact

A local attacker could use this to cause a denial of service (system crash). (CVE-2017-7374)

An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges. (CVE-2017-1000364)

A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. (CVE-2017-1000363)

A local attacker could exploit this issue to cause a denial of service (OOPS). (CVE-2017-5577)

An attacker could use this to cause a denial of service (system crash). (CVE-2017-8890)

A local attacker could cause a denial of service or potentially other unspecified problems. (CVE-2017-9074)

A local user could exploit this issue to cause a denial of service or possibly other unspecified problems. (CVE-2017-9075)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9076)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9077)

A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2017-9242)


CVE-2017-1000363 Ubuntu Security Notification for Linux-lts-xenial, Linux-meta-lts-xenial Vulnerabilities (USN-3334-1)

Vulnerability category: Ubuntu

Severity:

Vulnerability information

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large to prevent overlapping with the heap.

It was discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments.

A reference count bug was discovered in the Linux kernel IPX protocol stack.

A double free bug was discovered in the IPv4 stack of the Linux kernel.

An out-of-bounds read error was discovered in the Linux kernel's IPv6 stack.

A flaw was discovered in the handling of inheritance in the Linux kernel's IPv6 stack.

It was discovered that DCCP v6 in the Linux kernel mishandled inheritance.

It was discovered that the Transmission Control Protocol (TCP) v6 in the Linux kernel mishandled inheritance.

It was discovered that the IPv6 stack performed an overwrite consistency check after the data had already been overwritten.

Impact

An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges. (CVE-2017-1000364)

A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. (CVE-2017-1000363)

A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems. (CVE-2017-7487)

An attacker could use this to cause a denial of service (system crash). (CVE-2017-8890)

A local attacker could cause a denial of service or potentially other unspecified problems. (CVE-2017-9074)

A local user could exploit this issue to cause a denial of service or possibly other unspecified problems. (CVE-2017-9075)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9076)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9077)

A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2017-9242)


CVE-2014-9940 Ubuntu Security Notification for Linux, Linux-meta Vulnerabilities (USN-3335-1)

Vulnerability category: Ubuntu

Severity:

Vulnerability information

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large to prevent overlapping with the heap.

It was discovered that a use-after-free vulnerability existed in the core voltage regulator driver of the Linux kernel.

It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel.

It was discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments.

An integer overflow vulnerability existed in the Direct Rendering Manager (DRM) driver for VMware devices in the Linux kernel.

A double free bug was discovered in the IPv4 stack of the Linux kernel.

An out-of-bounds read error was discovered in the Linux kernel's IPv6 stack.

A flaw was discovered in the handling of inheritance in the Linux kernel's IPv6 stack.

It was discovered that DCCP v6 in the Linux kernel mishandled inheritance.

It was discovered that the Transmission Control Protocol (TCP) v6 in the Linux kernel mishandled inheritance.

It was discovered that the IPv6 stack performed an overwrite consistency check after the data had already been overwritten.

Impact

An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges. (CVE-2017-1000364)

A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2014-9940)

A privileged local attacker could use this to execute arbitrary code. (CVE-2017-0605)

A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. (CVE-2017-1000363)

A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7294)

An attacker could use this to cause a denial of service (system crash). (CVE-2017-8890)

A local attacker could cause a denial of service or potentially other unspecified problems. (CVE-2017-9074)

A local user could exploit this issue to cause a denial of service or possibly other unspecified problems. (CVE-2017-9075)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9076)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9077)

A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2017-9242)

Solution

Refer to Ubuntu advisory USN-3335-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3335-1: 14.04 (Kylin) on src (linux-image-powerpc64-emb)

USN-3335-1: 14.04 (Kylin) on src (linux-image-powerpc-e500)

USN-3335-1: 14.04 (Kylin) on src (linux-image-generic-lpae-lts-saucy)

USN-3335-1: 14.04 (Kylin) on src (linux-image-3.13.0-121-powerpc-smp)

USN-3335-1: 14.04 (Kylin) on src (linux-image-powerpc-e500mc)

USN-3335-1: 14.04 (Kylin) on src (linux-image-generic-pae)

USN-3335-1: 14.04 (Kylin) on src (linux-image-3.13.0-121-powerpc64-emb)

USN-3335-1: 14.04 (Kylin) on src (linux-image-lowlatency)

USN-3335-1: 14.04 (Kylin) on src (linux-image-3.13.0-121-powerpc-e500mc)

USN-3335-1: 14.04 (Kylin) on src (linux-image-lowlatency-pae)

USN-3335-1: 14.04 (Kylin) on src (linux-image-generic-lpae-lts-trusty)

USN-3335-1: 14.04 (Kylin) on src (linux-image-omap)

USN-3335-1: 14.04 (Kylin) on src (linux-image-3.13.0-121-lowlatency)

USN-3335-1: 14.04 (Kylin) on src (linux-image-3.13.0-121-generic-lpae)

USN-3335-1: 14.04 (Kylin) on src (linux-image-3.13.0-121-generic)

USN-3335-1: 14.04 (Kylin) on src (linux-image-generic-lts-quantal)

USN-3335-1: 14.04 (Kylin) on src (linux-image-generic-lts-trusty)

USN-3335-1: 14.04 (Kylin) on src (linux-image-powerpc-smp)

USN-3335-1: 14.04 (Kylin) on src (linux-image-generic-lts-raring)

USN-3335-1: 14.04 (Kylin) on src (linux-image-generic)

USN-3335-1: 14.04 (Kylin) on src (linux-image-powerpc64-smp)

USN-3335-1: 14.04 (Kylin) on src (linux-image-3.13.0-121-powerpc64-smp)

USN-3335-1: 14.04 (Kylin) on src (linux-image-highbank)

USN-3335-1: 14.04 (Kylin) on src (linux-image-3.13.0-121-powerpc-e500)

USN-3335-1: 14.04 (Kylin) on src (linux-image-generic-lpae)

USN-3335-1: 14.04 (Kylin) on src (linux-image-generic-lts-saucy)

USN-3335-1: 14.04 (Kylin) on src (linux-image-virtual)


CVE-2017-1000363 Ubuntu Security Notification for Linux, Linux-meta Vulnerabilities (USN-3328-1)

Vulnerability category: Ubuntu

Severity:

Vulnerability information

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large to prevent overlapping with the heap.

It was discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments.

A reference count bug was discovered in the Linux kernel IPX protocol stack.

A double free bug was discovered in the IPv4 stack of the Linux kernel.

An out-of-bounds read error was discovered in the Linux kernel's IPv6 stack.

A flaw was discovered in the handling of inheritance in the Linux kernel's IPv6 stack.

It was discovered that DCCP v6 in the Linux kernel mishandled inheritance.

It was discovered that the Transmission Control Protocol (TCP) v6 in the Linux kernel mishandled inheritance.

It was discovered that the IPv6 stack performed an overwrite consistency check after the data had already been overwritten.

Impact

An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges. (CVE-2017-1000364)

A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. (CVE-2017-1000363)

A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems. (CVE-2017-7487)

An attacker could use this to cause a denial of service (system crash). (CVE-2017-8890)

A local attacker could cause a denial of service or potentially other unspecified problems. (CVE-2017-9074)

A local user could exploit this issue to cause a denial of service or possibly other unspecified problems. (CVE-2017-9075)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9076)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9077)

A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2017-9242)

Solution

Refer to Ubuntu advisory USN-3328-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc64-emb)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc64-emb-lts-xenial)

USN-3328-1: 16.04 (Xenial) on src (linux-image-lowlatency-lts-xenial)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc-smp-lts-xenial)

USN-3328-1: 16.04 (Xenial) on src (linux-image-4.4.0-81-powerpc64-emb)

USN-3328-1: 16.04 (Xenial) on src (linux-image-lowlatency-lts-vivid)

USN-3328-1: 16.04 (Xenial) on src (linux-image-lowlatency-lts-utopic)

USN-3328-1: 16.04 (Xenial) on src (linux-image-4.4.0-81-powerpc-smp)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc-smp-lts-utopic)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc-smp-lts-vivid)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc64-smp-lts-vivid)

USN-3328-1: 16.04 (Xenial) on src (linux-image-virtual-lts-xenial)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc-e500mc-lts-vivid)

USN-3328-1: 16.04 (Xenial) on src (linux-image-4.4.0-81-powerpc64-smp)

USN-3328-1: 16.04 (Xenial) on src (linux-image-lowlatency-lts-wily)

USN-3328-1: 16.04 (Xenial) on src (linux-image-generic-lpae-lts-utopic)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc64-smp-lts-wily)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc-smp)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc64-smp-lts-xenial)

USN-3328-1: 16.04 (Xenial) on src (linux-image-generic-lts-wily)

USN-3328-1: 16.04 (Xenial) on src (linux-image-virtual-lts-utopic)

USN-3328-1: 16.04 (Xenial) on src (linux-image-generic-lts-utopic)

USN-3328-1: 16.04 (Xenial) on src (linux-image-generic-lpae)

USN-3328-1: 16.04 (Xenial) on src (linux-image-generic-lts-vivid)

USN-3328-1: 16.04 (Xenial) on src (linux-image-generic-lpae-lts-wily)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc-e500mc-lts-utopic)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc-e500mc-lts-wily)

USN-3328-1: 16.04 (Xenial) on src (linux-image-generic)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc-e500mc)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc64-emb-lts-vivid)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc64-emb-lts-utopic)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc-smp-lts-wily)

USN-3328-1: 16.04 (Xenial) on src (linux-image-4.4.0-81-lowlatency)

USN-3328-1: 16.04 (Xenial) on src (linux-image-virtual-lts-wily)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc-e500mc-lts-xenial)

USN-3328-1: 16.04 (Xenial) on src (linux-image-4.4.0-81-powerpc-e500mc)

USN-3328-1: 16.04 (Xenial) on src (linux-image-generic-lpae-lts-vivid)

USN-3328-1: 16.04 (Xenial) on src (linux-image-4.4.0-81-generic-lpae)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc64-emb-lts-wily)

USN-3328-1: 16.04 (Xenial) on src (linux-image-virtual)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc64-smp-lts-utopic)

USN-3328-1: 16.04 (Xenial) on src (linux-image-generic-lts-xenial)

USN-3328-1: 16.04 (Xenial) on src (linux-image-generic-lpae-lts-xenial)

USN-3328-1: 16.04 (Xenial) on src (linux-image-4.4.0-81-generic)

USN-3328-1: 16.04 (Xenial) on src (linux-image-virtual-lts-vivid)

USN-3328-1: 16.04 (Xenial) on src (linux-image-lowlatency)

USN-3328-1: 16.04 (Xenial) on src (linux-image-powerpc64-smp)


CVE-2017-1000363 Ubuntu Security Notification for Linux-meta-raspi2, Linux-raspi2 Vulnerabilities (USN-3327-1)

Vulnerability category: Ubuntu

Severity:

Vulnerability information

It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel.

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large to prevent overlapping with the heap.

It was discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments.

It was discovered that the VideoCore DRM driver in the Linux kernel did not return an error after detecting certain overflows.

A double free bug was discovered in the IPv4 stack of the Linux kernel.

An out-of-bounds read error was discovered in the Linux kernel's IPv6 stack.

A flaw was discovered in the handling of inheritance in the Linux kernel's IPv6 stack.

It was discovered that DCCP v6 in the Linux kernel mishandled inheritance.

It was discovered that the Transmission Control Protocol (TCP) v6 in the Linux kernel mishandled inheritance.

It was discovered that the IPv6 stack performed an overwrite consistency check after the data had already been overwritten.

Impact

A local attacker could use this to cause a denial of service (system crash). (CVE-2017-7374)

An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges. (CVE-2017-1000364)

A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. (CVE-2017-1000363)

A local attacker could exploit this issue to cause a denial of service (OOPS). (CVE-2017-5577)

An attacker could use this to cause a denial of service (system crash). (CVE-2017-8890)

A local attacker could cause a denial of service or potentially other unspecified problems. (CVE-2017-9074)

A local user could exploit this issue to cause a denial of service or possibly other unspecified problems. (CVE-2017-9075)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9076)

A local attacker could exploit this issue to cause a denial of service or potentially other unspecified problems. (CVE-2017-9077)

A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2017-9242)

Solution

Refer to Ubuntu advisory USN-3327-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3327-1: 16.10 (Yakkety) on src (linux-image-4.8.0-1040-raspi2)

USN-3327-1: 16.10 (Yakkety) on src (linux-image-raspi2)
