PT-2016-7432 · Linux+3 · Linux Kernel+3

Published

2016-03-17

·

Updated

2017-06-07

·

CVE-2016-7917

CVSS v3.1

5.0

Medium

VectorAV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.5
Description The issue allows local users to obtain sensitive information from kernel memory or cause a denial of service by leveraging the CAP NET ADMIN capability. This is due to the nfnetlink rcv batch function in net/netfilter/nfnetlink.c not checking whether a batch message's length field is large enough, potentially leading to an infinite loop or out-of-bounds read.
Recommendations For Linux kernel versions prior to 4.5, update to version 4.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the CAP NET ADMIN capability to minimize the risk of exploitation.

Fix

DoS

Out of bounds Read

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-200

Related Identifiers

ALT-PU-2016-1262
ALT-PU-2016-2322
CVE-2016-7917
MGASA-2017-0136
MGASA-2017-0147
MGASA-2017-0148
OPENSUSE-SU-2016_3050-1
OPENSUSE-SU-2017_0458-1
SUSE-SU-2017:0181-1
USN-3312-1
USN-3312-2

Affected Products

Alt Linux
Linux Kernel
Suse
Ubuntu