7.1

CVE-2016-4998

The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 4.5.5
OracleLinux Version7
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version15.10
CanonicalUbuntu Linux Version16.04 SwEditionlts
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.89% 0.768
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.1 1.8 5.2
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
nvd@nist.gov 5.6 3.9 7.8
AV:L/AC:L/Au:N/C:P/I:N/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
http://www.debian.org/security/2016/dsa-3607
http://rhn.redhat.com/errata/RHSA-2016-1847.html
http://rhn.redhat.com/errata/RHSA-2016-1875.html
http://rhn.redhat.com/errata/RHSA-2016-1883.html
http://www.ubuntu.com/usn/USN-3016-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-3016-2
Third Party Advisory
http://www.ubuntu.com/usn/USN-3016-3
Third Party Advisory
http://www.ubuntu.com/usn/USN-3016-4
Third Party Advisory
http://www.ubuntu.com/usn/USN-3017-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-3017-2
Third Party Advisory
http://www.ubuntu.com/usn/USN-3017-3
Third Party Advisory
http://www.ubuntu.com/usn/USN-3018-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-3018-2
Third Party Advisory
http://www.ubuntu.com/usn/USN-3019-1
Third Party Advisory
http://www.ubuntu.com/usn/USN-3020-1
Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/06/24/5
http://www.securityfocus.com/bid/91451
http://www.securitytracker.com/id/1036171
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
http://rhn.redhat.com/errata/RHSA-2017-0036.html
https://bugzilla.redhat.com/show_bug.cgi?id=1349886
Third Party Advisory
VDB Entry
Issue Tracking
https://github.com/torvalds/linux/commit/6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
Patch
Vendor Advisory