7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
5.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:P/I:N/A:C
The kernel package is vulnerable to denial of service (DoS). It is due to the flaw found in the kernels socket recvmmsg subsystem during the error handling routines within __sys_recvmmsg()
function.
git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html
lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html
rhn.redhat.com/errata/RHSA-2016-1847.html
rhn.redhat.com/errata/RHSA-2016-1875.html
rhn.redhat.com/errata/RHSA-2016-1883.html
rhn.redhat.com/errata/RHSA-2017-0036.html
www.debian.org/security/2016/dsa-3607
www.openwall.com/lists/oss-security/2016/06/24/5
www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
www.securityfocus.com/bid/91451
www.securitytracker.com/id/1036171
www.ubuntu.com/usn/USN-3016-1
www.ubuntu.com/usn/USN-3016-2
www.ubuntu.com/usn/USN-3016-3
www.ubuntu.com/usn/USN-3016-4
www.ubuntu.com/usn/USN-3017-1
www.ubuntu.com/usn/USN-3017-2
www.ubuntu.com/usn/USN-3017-3
www.ubuntu.com/usn/USN-3018-1
www.ubuntu.com/usn/USN-3018-2
www.ubuntu.com/usn/USN-3019-1
www.ubuntu.com/usn/USN-3020-1
access.redhat.com/errata/RHSA-2016:1847
access.redhat.com/errata/RHSA-2016:1875
access.redhat.com/errata/RHSA-2016:1883
access.redhat.com/errata/RHSA-2017:0036
access.redhat.com/security/cve/CVE-2016-4998
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1349886
github.com/torvalds/linux/commit/6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
5.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:P/I:N/A:C