It’s time to patch your Linux servers and PCs again. The good news is developers are looking very closely at Linux’s core code for possible security holes. The bad news is they’re finding them.
At least the best news is that they’re fixing them as soon as they’re uncovered.
The latest three kernel vulnerabilities are designated CVE-2016-8655, CVE-2016-6480, and CVE-2016-6828. Of these, CVE-2016-8655 is the worst of the bunch. It enables local users, which can include remote users with virtual and cloud-based Linux instances, to crash the system or run arbitrary code as root.
Read more at ZDNet