Red Hat Bugzilla – Bug 1349886
CVE-2016-4998 kernel: out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt
Last modified: 2017-01-19 07:37:52 EST
An out-of-bounds heap memory access, leading to a Denial of Service or possibly heap disclosure or further impact was found in setsockopt(). The particular setsockopt() call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw. Upstream fixes http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d04 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb088 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bdf533de6968 Discussion on oss-sec: http://www.openwall.com/lists/oss-security/2016/06/24/5
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1350316]
Public via: http://seclists.org/oss-sec/2016/q2/599
kernel-4.6.3-300.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.
kernel-4.5.7-202.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
kernel-4.4.14-200.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in the following products: MRG for RHEL-6 v.2 Via RHSA-2016:1883 https://rhn.redhat.com/errata/RHSA-2016-1883.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:1847 https://rhn.redhat.com/errata/RHSA-2016-1847.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:1875 https://rhn.redhat.com/errata/RHSA-2016-1875.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2017:0036 https://rhn.redhat.com/errata/RHSA-2017-0036.html