CVE-2016-4998

by Fred · 03/07/2016

The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.

Date published : 2016-07-03

http://www.securityfocus.com/bid/91451

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91

CVE-2016-4998

Similar

Recent Posts

Categories

CVE-2016-4998

Share this:

Similar

Recent Posts

Categories

Tags