CVE-2016-4997

Опубликовано: 24 июн. 2016

Источник: redhat

CVSS3: 7.3

CVSS2: 7.2

Описание

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.

A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges.

Отчет

This issue affects the Linux kernels as shipped with Red Hat Enterprise Linux 7, MRG-2 and realtime and will be addressed in a future update.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Fixed	RHSA-2016:1875	15.09.2016
Red Hat Enterprise Linux 7	kernel	Fixed	RHSA-2016:1847	15.09.2016
Red Hat Enterprise MRG 2	kernel-rt	Fixed	RHSA-2016:1883	14.09.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-20

https://bugzilla.redhat.com/show_bug.cgi?id=1349722kernel: compat IPT_SO_SET_REPLACE setsockopt

7.3 High

CVSS3

7.2 High

CVSS2

Связанные уязвимости

CVE-2016-4997

CVSS3: 7.8

ubuntu

почти 9 лет назад

CVE-2016-4997

CVSS3: 7.8

nvd

почти 9 лет назад

CVE-2016-4997

CVSS3: 7.8

debian

почти 9 лет назад

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt imple ...

SUSE-SU-2016:1710-1

suse-cvrf

почти 9 лет назад

Security update for the Linux Kernel

SUSE-SU-2016:1709-1

suse-cvrf

почти 9 лет назад

Security update for the Linux Kernel

7.3 High

CVSS3

7.2 High

CVSS2