Qian Zhang

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.8.12 **Description** The issue is related to a heap-based buffer overflow in the Linux kernel, which can be exploited by local users to gain privileges or cause a denial of service. This is due to the `tipc msg build` function in `net/tipc/msg.c` not validating the relationship between the minimum fragment length and the maximum packet size. The exploitation of this issue is possible by leveraging the `CAP NET ADMIN` capability. **Recommendations** For Linux kernel versions prior to 4.8.12, update to version 4.8.12 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 4.6.3 **Description** The issue allows local users to gain privileges or cause a denial of service due to memory corruption. This can be achieved by providing a crafted offset value, leveraging in-container root access. **Recommendations** For Linux kernel versions prior to 4.6.3, update to version 4.6.3 or later to resolve the issue.