Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-9793

Опубликовано: 02 дек. 2016
Источник: redhat
CVSS3: 6.7
CVSS2: 6.9
EPSS Низкий

Описание

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.

A flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption.

Отчет

This issue does not affect the kernels as shipping with Red Hat Enterprise Linux 5 and 6. This issue does affect kernels 7, MRG-2 and realtime kernels and plans to be fixed in a future update.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelNot affected
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernel-rtFixedRHSA-2017:093112.04.2017
Red Hat Enterprise Linux 7kernelFixedRHSA-2017:093312.04.2017
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2017:093212.04.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1402013kernel: Signed overflow for SO_{SND|RCV}BUFFORCE

EPSS

Процентиль: 84%
0.0218
Низкий

6.7 Medium

CVSS3

6.9 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-9793

CVSS3: 7.8
ubuntu
больше 8 лет назад

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.

nvd логотип

CVE-2016-9793

CVSS3: 7.8
nvd
больше 8 лет назад

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.

debian логотип

CVE-2016-9793

CVSS3: 7.8
debian
больше 8 лет назад

The sock_setsockopt function in net/core/sock.c in the Linux kernel be ...

github логотип

GHSA-p7q5-g2pg-7rc9

CVSS3: 7.8
github
около 3 лет назад

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.

oracle-oval логотип

ELSA-2017-3510

oracle-oval
больше 8 лет назад

ELSA-2017-3510: Unbreakable Enterprise kernel security update (IMPORTANT)

EPSS

Процентиль: 84%
0.0218
Низкий

6.7 Medium

CVSS3

6.9 Medium

CVSS2