The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2016-07-03T21:00:00
Updated: 2018-01-04T19:57:01
Reserved: 2016-05-24T00:00:00
Link: CVE-2016-4997
JSON object: View
NVD Information
Status : Modified
Published: 2016-07-03T21:59:16.057
Modified: 2023-09-12T14:55:31.563
Link: CVE-2016-4997
JSON object: View
Redhat Information
No data.
CWE