[kernel-sec-discuss] r4719 - active

Moritz Muehlenhoff jmm at moszumanska.debian.org
Thu Nov 17 13:31:49 UTC 2016


Author: jmm
Date: 2016-11-17 13:31:49 +0000 (Thu, 17 Nov 2016)
New Revision: 4719

Added:
   active/CVE-2016-7917
Log:
new issue (requires CAP_NET_ADMIN)


Added: active/CVE-2016-7917
===================================================================
--- active/CVE-2016-7917	                        (rev 0)
+++ active/CVE-2016-7917	2016-11-17 13:31:49 UTC (rev 4719)
@@ -0,0 +1,15 @@
+Description:
+ The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does
+ not check whether a batch message's length field is large enough, which allows local users to
+ obtain sensitive information from kernel memory or cause a denial of service (infinite loop or
+ out-of-bounds read) by leveraging the CAP_NET_ADMIN capability. 
+References:
+ http://source.android.com/security/bulletin/2016-11-01.html
+Notes:
+Bugs:
+upstream: released (4.5) [c58d6c93680f28ac58984af61d0a7ebf4319c241]
+3.16-upstream-stable:
+3.2-upstream-stable:
+sid: released (4.5-1)
+3.16-jessie-security:
+3.2-wheezy-security:
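
Review bot: The Notes: field in the new active/CVE-2016-7917 file is empty, while the only explicit statement of the mitigating factor ("requires CAP_NET_ADMIN") sits in the revision log; recording it under Notes: would keep it with the tracking entry. The 3.16-upstream-stable, 3.2-upstream-stable, 3.16-jessie-security and 3.2-wheezy-security lines carry no status, so the file does not yet say whether those branches contain the unchecked batch length handling fixed upstream in c58d6c93680f28ac58984af61d0a7ebf4319c241; each needs a triage entry once checked. The last Description line also ends with a trailing space.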



