Linux kernel netfilter privilege escalation and Denial of Service Vulnerability (CVE-2016-3134)

Linux kernel netfilter privilege escalation and Denial of Service Vulnerability (CVE-2016-3134)
Linux kernel netfilter privilege escalation and Denial of Service Vulnerability (CVE-2016-3134)

Release date:
Updated on:

Affected Systems:

Linux kernel 〈= 4.5.2

Description:

CVE (CAN) ID: CVE-2016-3134

Linux Kernel is the Kernel of the Linux operating system.

In Linux kernel 4.5.2 and earlier versions, some offset fields are not verified by the netfilter subsystem. Through IPT_SO_SET_REPLACE setsockopt, local attackers can escalate permissions or cause DoS attacks.

<* Source: Andrej Nemec
　
*>

Suggestion:

Vendor patch:

Linux
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:


Https://github.com/torvalds/linux/commit/54d83fc74aa9ec72794373cb47432c5f7fb1a309

Http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit? Id = 54d83fc74aa9ec72794373cb47432c5f7fb1a309

Https://bugzilla.redhat.com/show_bug.cgi? Id = 1317383

How to install Linux Kernel 4.4 on Ubuntu

Linux Kernel 4.2.2 compilation and installation tutorial

Ubuntu 15.10 will use the Linux Kernel 4.2 Kernel

How to install Kernel 4.0.2 on CentOS 7

How to install Linux Kernel 4.0 on CentOS 7

How to install Linux kernel 4.0 on Ubuntu/CentOS?

How to install Linux kernel 13.10 On Ubuntu 3.12

How to install the 3.16.7 CKT2 kernel in Ubuntu 14.10, Ubuntu 14.04, and its derivative versions

Linux Kernel: click here
Linux Kernel: click here

This article permanently updates the link address: