UBUNTU-CVE-2016-3134

Details

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

Affected Packages

linux

Ubuntu 14.04 LTS

Fixed in:

3.13.0-91.138

linux-lts-utopic

Ubuntu 14.04 LTS

Fixed in:

3.16.0-76.98~14.04.1

linux-lts-vivid

Ubuntu 14.04 LTS

Fixed in:

3.19.0-64.72~14.04.1

linux-lts-wily

Ubuntu 14.04 LTS

Fixed in:

4.2.0-41.48~14.04.1

linux-lts-xenial

Ubuntu 14.04 LTS

Fixed in:

4.4.0-28.47~14.04.1

linux

Ubuntu 16.04 LTS

Fixed in:

4.4.0-28.47

linux-raspi2

Ubuntu 16.04 LTS

Fixed in:

4.4.0-1016.22

linux-snapdragon

Ubuntu 16.04 LTS

Fixed in:

4.4.0-1019.22

References

REPORT

http://marc.info/?l=netfilter-devel&m=145757134822741&w=2

REPORT

http://www.openwall.com/lists/oss-security/2016/03/14/1

REPORT

https://code.google.com/p/google-security-research/issues/detail?id=758

REPORT

https://ubuntu.com/security/CVE-2016-3134

ADVISORY

https://ubuntu.com/security/notices/USN-2929-1

ADVISORY

https://ubuntu.com/security/notices/USN-2929-2

ADVISORY

https://ubuntu.com/security/notices/USN-2930-1

ADVISORY

https://ubuntu.com/security/notices/USN-2930-2

ADVISORY

https://ubuntu.com/security/notices/USN-2930-3

ADVISORY

https://ubuntu.com/security/notices/USN-2931-1

ADVISORY

https://ubuntu.com/security/notices/USN-2932-1

ADVISORY

https://ubuntu.com/security/notices/USN-3049-1

ADVISORY

https://ubuntu.com/security/notices/USN-3050-1

REPORT

https://www.cve.org/CVERecord?id=CVE-2016-3134