Mounting a crafted EXT4 image read-only leads to a memory corruption and SLAB out of bounds reads (according to KASAN). Since the mounting procedure is a privileged operation, an attacker is probably not able to trigger this vulnerability on the commandline. Instead the automatic mounting feature of the GUI via a crafted USB device is required.

Gentoo Linux Security Advisory 201611-6 – A vulnerability in xinetd could lead to privilege escalation. Versions less than 2.3.15-r2 are affected.

Gentoo Linux Security Advisory 201611-7 – polkit is vulnerable to local privilege escalation. Versions less than 0.113 are affected.

Gentoo Linux Security Advisory 201611-8 – Multiple vulnerabilities have been found in libpng, the worst of which may allow remote attackers to cause Denial of Service. Versions less than 1.6.21 are affected.

Gentoo Linux Security Advisory 201611-5 – tnftp is vulnerable to remote code execution if output file is not specified. Versions less than 20141104 are affected.

Gentoo Linux Security Advisory 201611-9 – Multiple vulnerabilities have been found in Xen, the worst of which allows gaining of privileges on the host system. Versions less than 4.6.3-r3 are affected.

Red Hat Security Advisory 2016-2749-01 – MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: rh-mysql56-mysql. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

Red Hat Security Advisory 2016-2750-01 – PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. The memcache, mongo, and XDebug extensions are also included. The rh-php56 Software Collection has been upgraded to version 5.6.25, which provides a number of bug fixes and enhancements over the previous version. Security Fixes in the rh-php56-php component have been added.