Description
* A use-after-free vulnerability was found in the kernel's socket recvmmsg
subsystem. This may allow remote attackers to corrupt memory and may allow
execution of arbitrary code. This corruption takes place during the error
handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)
* It is possible for a single process to cause an OOM condition by filling large
pipes with data that are never read. A typical process filling 4096 pipes with 1
MB of data will use 4 GB of memory and there can be multiple such processes, up
to a per-user-limit. (CVE-2016-2847, Moderate)