An integer overflow vulnerability was found in xt_alloc_table_info, which on 32-bit systems can lead to small structure allocation and a copy_from_user based heap corruption. Proposed fix: patch v1 message: http://marc.info/?l=netfilter-devel&m=145757136822750&w=2 patch v1 thread: http://marc.info/?t=145757149700001&r=1&w=2 patch v2 message: http://marc.info/?l=netfilter-devel&m=145800533813758&w=2 (in netfilter-devel) patch v2 message: http://marc.info/?l=linux-netdev&m=145800538413781&w=2 (in linux-netdev) CVE request and assignment: http://seclists.org/oss-sec/2016/q1/581 http://seclists.org/oss-sec/2016/q1/619
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1317387]
Statement: This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, as the code with the flaw is not present in the products listed. This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2, as 32-bit versions of the products listed are not shipped by the Red Hat.
*** Bug 1320143 has been marked as a duplicate of this bug. ***
kernel-4.4.6-300.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
kernel-4.4.6-200.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
kernel-4.5.0-302.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.