Lucene search

K
f5F5F5:K74171196
HistoryFeb 22, 2017 - 12:00 a.m.

K74171196 : Linux kernel vulnerability CVE-2016-4998

2017-02-2200:00:00
my.f5.com
67

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

Security Advisory Description

The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary. (CVE-2016-4998)
Impact
This vulnerability can allow attackers with local access to the system to cause unauthorized disclosure of information or disruption of service.