CVE-2012-6704

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.5

Description The issue is related to the sock setsockopt function in the Linux kernel, which mishandles negative values of sk sndbuf and sk rcvbuf. This can be exploited by local users with the CAP NET ADMIN capability to cause a denial of service, including memory corruption and system crash, by making a crafted setsockopt system call with the SO SNDBUF or SO RCVBUF option.

Recommendations For Linux kernel versions prior to 3.5, update to version 3.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the CAP NET ADMIN capability to minimize the risk of exploitation. Additionally, avoid using the SO SNDBUF and SO RCVBUF options in setsockopt system calls until the issue is resolved.