First published: Fri Jun 24 2016(Updated: )
A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitary kernel memory when unloading a kernel module. This action is usually restricted to root-priveledged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated priveledges. This flaw was introduced in commit 52e804c6dfaa, Upstream fixes <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d04">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d04</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb088">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb088</a> <a href="http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bdf533de6968">http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bdf533de6968</a> Discussion on oss-sec: <a href="http://www.openwall.com/lists/oss-security/2016/06/24/5">http://www.openwall.com/lists/oss-security/2016/06/24/5</a>
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | >=2.6.17<3.2.80 | |
Linux Kernel | >=3.3<3.10.103 | |
Linux Kernel | >=3.11<3.12.62 | |
Linux Kernel | >=3.13<3.14.73 | |
Linux Kernel | >=3.15<3.16.37 | |
Linux Kernel | >=3.17<3.18.37 | |
Linux Kernel | >=3.19<4.1.28 | |
Linux Kernel | >=4.2<4.4.14 | |
Linux Kernel | >=4.5<4.6.3 | |
Ubuntu Linux | =12.04 | |
Ubuntu Linux | =14.04 | |
Ubuntu Linux | =15.10 | |
Ubuntu Linux | =16.04 | |
SUSE Linux Enterprise Software Development Kit | =12.0 | |
SUSE Linux Enterprise Software Development Kit | =12.0-sp1 | |
SUSE Linux Enterprise Desktop | =12.0 | |
SUSE Linux Enterprise Desktop | =12.0-sp1 | |
SUSE Linux Enterprise Live Patching | =12.0 | |
SUSE Linux Enterprise Module for Public Cloud | =12.0 | |
SUSE Linux Enterprise Real Time Extension | =12.0-sp1 | |
SUSE Linux Enterprise Server | =12.0 | |
SUSE Linux Enterprise Server | =12.0-sp1 | |
SUSE Linux Enterprise Workstation Extension | =12.0 | |
SUSE Linux Enterprise Workstation Extension | =12.0-sp1 | |
Oracle Linux | =7 | |
Debian GNU/Linux | =8.0 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.123-1 6.1.128-1 6.12.12-1 6.12.13-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-4997 is considered a high severity vulnerability that allows arbitrary kernel memory alteration.
To address CVE-2016-4997, it is recommended to update to the patched Linux kernel versions such as 5.10.223-1 or later.
CVE-2016-4997 affects 32-bit Linux processes running on 64-bit systems across various Linux kernel versions.
Exploitation of CVE-2016-4997 can lead to unauthorized access and alteration of kernel memory, compromising system integrity.
CVE-2016-4997 is relevant for several Linux distributions, including Debian, Ubuntu, and SUSE, depending on the kernel version.