exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

CVE-2016-4998

Status Candidate

Overview

The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.

Related Files

Red Hat Security Advisory 2017-0036-01
Posted Jan 10, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0036-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.

tags | advisory, remote, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-4998, CVE-2016-6828, CVE-2016-7117
SHA-256 | 15164c175d193bcb243a86da700b13f6c2a1a766792df90f796ac8026c818f27
Red Hat Security Advisory 2016-1847-01
Posted Sep 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1847-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A security flaw was found in the Linux kernel in the mark_source_chains() function in "net/ipv4/netfilter/ip_tables.c". It is possible for a user-supplied "ipt_entry" structure to have a large "next_offset" field. This field is not bounds checked prior to writing to a counter value at the supplied offset.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2016-3134, CVE-2016-4997, CVE-2016-4998
SHA-256 | 97c4833d6ef062497ce53d7bc4c425df6db32d45c28eb4202a714264ea140c56
Red Hat Security Advisory 2016-1875-01
Posted Sep 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1875-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. The kernel-rt packages have been upgraded to the kernel-3.10.0-327.36.1 source tree, which provides a number of bug fixes over the previous version. Security Fix: A security flaw was found in the Linux kernel in the mark_source_chains() function in "net/ipv4/netfilter/ip_tables.c". It is possible for a user-supplied "ipt_entry" structure to have a large "next_offset" field. This field is not bounds checked prior to writing to a counter value at the supplied offset.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2016-3134, CVE-2016-4997, CVE-2016-4998
SHA-256 | 0fa57f8af62588a757e2e80f9e728575d38e5444f6abbf06db0b8907755051df
Red Hat Security Advisory 2016-1883-01
Posted Sep 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1883-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. The kernel-rt packages have been upgraded to version 3.10.0-327.rt56.197, which provides a number of bug fixes over the previous version. Security Fix: A security flaw was found in the Linux kernel in the mark_source_chains() function in "net/ipv4/netfilter/ip_tables.c". It is possible for a user-supplied "ipt_entry" structure to have a large "next_offset" field. This field is not bounds checked prior to writing to a counter value at the supplied offset.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2016-3134, CVE-2016-4997, CVE-2016-4998
SHA-256 | 560ae7b8c932b8db101f981656564278badc38c9fb1687c8d0d32cffb6951d8e
Ubuntu Security Notice USN-3016-4
Posted Jun 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3016-4 - USN-3016-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
SHA-256 | 8b422961da61bd3f40b99e99fad351371bb6609bb98f432f77cc11d8d554d24b
Ubuntu Security Notice USN-3017-3
Posted Jun 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3017-3 - USN-3017-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
SHA-256 | a1beb623f5e33a2e8c161fd6cca966622aa0882f56c90c2404ac48f36c15fc9b
Ubuntu Security Notice USN-3020-1
Posted Jun 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3020-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
SHA-256 | 54f83afa154640f8024df9abd28aa401d3608933d58a98291d2ff9437c61ffc3
Ubuntu Security Notice USN-3018-2
Posted Jun 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3018-2 - USN-3018-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4565, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4997, CVE-2016-4998
SHA-256 | 967ed36586a074ad56c5537a86344439a141220272f76359ff378d22c3a93cd7
Ubuntu Security Notice USN-3019-1
Posted Jun 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3019-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4565, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4997, CVE-2016-4998
SHA-256 | 9290b489b84336a68219bbf34af20a42bbcb89266e0f5470f3726d9949ced727
Ubuntu Security Notice USN-3018-1
Posted Jun 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3018-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4565, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4997, CVE-2016-4998
SHA-256 | 19b9ec27b0226f3c7b7630645b541791cdab6e5d2596d808843adf1e12571f08
Ubuntu Security Notice USN-3017-1
Posted Jun 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3017-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
SHA-256 | 79f36f91ab71a9288eb4ac5bd94a84055fe207a3b8ffde26e2b998bac448de0b
Ubuntu Security Notice USN-3017-2
Posted Jun 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3017-2 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
SHA-256 | 9a2ae0d9a1ce7f3c114d1711ce02b4e07a2fdfe9dd0b82dad517fe7ff5247145
Ubuntu Security Notice USN-3016-3
Posted Jun 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3016-3 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
SHA-256 | 4a46c330fbc5d59fcecbb0755e870ff87b7bc2891a32e3f9e0bc14cf19ac7aa1
Ubuntu Security Notice USN-3016-2
Posted Jun 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3016-2 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
SHA-256 | 3b960ba01dd7b794aef265df87941a0121a7b266f1c50456a9f279d9ccd0c927
Ubuntu Security Notice USN-3016-1
Posted Jun 27, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3016-1 - Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. Kangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-4482, CVE-2016-4569, CVE-2016-4578, CVE-2016-4580, CVE-2016-4913, CVE-2016-4951, CVE-2016-4997, CVE-2016-4998
SHA-256 | b7b6569c094d6e250336c05cb6c8a2054aae6090826ed99ebac47b7a65fba9bd
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close