CVE-2016-3134

Published: Apr 27, 2016

Modified: Aug 5, 2024

PUBLISHED

Description

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SU-2016:1690

vendor-advisory

x_refsource_SUSE

https://github.com/torvalds/linux/commit/54d83fc74aa9ec72794373cb47432c5f7fb1a309

x_refsource_CONFIRM

https://code.google.com/p/google-security-research/issues/detail?id=758

x_refsource_MISC

SUSE-SU-2016:2010

vendor-advisory

x_refsource_SUSE

USN-2930-1

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:1696

vendor-advisory

x_refsource_SUSE

https://bugzilla.redhat.com/show_bug.cgi?id=1317383

x_refsource_CONFIRM

SUSE-SU-2016:1994

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

x_refsource_CONFIRM

SUSE-SU-2016:1961

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

x_refsource_CONFIRM

USN-2930-2

vendor-advisory

x_refsource_UBUNTU

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d83fc74aa9ec72794373cb47432c5f7fb1a309

x_refsource_CONFIRM

SUSE-SU-2016:2001

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:1985

vendor-advisory

x_refsource_SUSE

RHSA-2016:1847

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2016:2006

vendor-advisory

x_refsource_SUSE

USN-3049-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2016:1875

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2016:2014

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2016:1641

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:1764

vendor-advisory

x_refsource_SUSE

USN-2930-3

vendor-advisory

x_refsource_UBUNTU

DSA-3607

vendor-advisory

x_refsource_DEBIAN

1036763

vdb-entry

x_refsource_SECTRACK

SUSE-SU-2016:1672

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2009

vendor-advisory

x_refsource_SUSE

USN-2929-1

vendor-advisory

x_refsource_UBUNTU

USN-2932-1

vendor-advisory

x_refsource_UBUNTU

USN-3050-1

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:2005

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2007

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2074

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

x_refsource_CONFIRM

SUSE-SU-2016:2000

vendor-advisory

x_refsource_SUSE

RHSA-2016:1883

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2016:1995

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2002

vendor-advisory

x_refsource_SUSE

USN-2931-1

vendor-advisory

x_refsource_UBUNTU

USN-2929-2

vendor-advisory

x_refsource_UBUNTU

84305

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-3134

Description

Affected Products

References