QwikSec

Security Database

CVE

CWE

Training

CVE-2016-4997

Published: Jul 3, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SU-2016:2180

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

x_refsource_CONFIRM

SUSE-SU-2016:1709

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

x_refsource_CONFIRM

SUSE-SU-2016:1985

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=1349722

x_refsource_CONFIRM

openSUSE-SU-2016:2184

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:2174

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:2018

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

[oss-security] 20160624 Linux CVE-2016-4997 (local privilege escalation) and CVE-2016-4998 (out of bounds memory access)

mailing-list

x_refsource_MLIST

SUSE-SU-2016:2181

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2178

vendor-advisory

x_refsource_SUSE

exploit

x_refsource_EXPLOIT-DB

https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

vdb-entry

x_refsource_SECTRACK

exploit

x_refsource_EXPLOIT-DB

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

x_refsource_CONFIRM

SUSE-SU-2016:2177

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2016:2179

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:2105

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

SUSE-SU-2016:1710

vendor-advisory

x_refsource_SUSE

[oss-security] 20160929 CVE request - Linux kernel through 4.6.2 allows escalade privileges via IP6T_SO_SET_REPLACE compat setsockopt call

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

vdb-entry

x_refsource_BID

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3

x_refsource_CONFIRM

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt

x_refsource_MISC

SUSE-SU-2016:1937

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.