CVE-2016-6187 on Ubuntu 16.04 LTS (xenial) - medium.
Description:
The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 4.6.5 does not validate the buffer size, which allows local users to gain privileges by triggering an AppArmor setprocattr hook.