CVE-2016-4998 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Kernel
Severity
7.1 HIGH (NVD)
EPSS
1.5%
top 18.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Jul 3
Latest update: May 13
Description
The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Exploitability: 1.8 | Impact: 5.2
Affected Packages: 3 packages
Also affects: Ubuntu Linux 12.04, 14.04, 15.10, 16.04
Patches
Vulnerability Details (3)
GHSA
GHSA-j87m-7c2j-m929: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4 (2022-05-13)
OSV
CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4 (2016-07-03)
CVEList
CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4 (2016-07-03)
Vendor Advisories (12)
Android
CVE-2016-4998: Android Security Bulletin 2016-09-01
CVE: CVE-2016-4998
Severity: MEDIUM
References: A-29637687
Upstream kernel
[2] 2016-09-01