Vulnerability Details : CVE-2016-3134
The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
Vulnerability category: OverflowMemory CorruptionDenial of service
Products affected by CVE-2016-3134
- cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:extra:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_workstation_extension:12.0:*:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_workstation_extension:12.0:sp1:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_live_patching:12.0:*:*:*:*:*:*:*
- cpe:2.3:o:novell:suse_linux_enterprise_module_for_public_cloud:12.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-3134
0.16%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 52 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-3134
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
8.4
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.5
|
5.9
|
NIST |
CWE ids for CVE-2016-3134
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-3134
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html
[security-announce] SUSE-SU-2016:1961-1: important: Security update for
-
http://www.ubuntu.com/usn/USN-2930-3
USN-2930-3: Linux kernel (Raspberry Pi 2) vulnerabilities | Ubuntu security notices
-
http://rhn.redhat.com/errata/RHSA-2016-1875.html
RHSA-2016:1875 - Security Advisory - Red Hat Customer Portal
-
http://www.ubuntu.com/usn/USN-2930-2
USN-2930-2: Linux kernel (Wily HWE) vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html
[security-announce] SUSE-SU-2016:1764-1: important: Security update forThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-1883.html
RHSA-2016:1883 - Security Advisory - Red Hat Customer Portal
-
https://bugzilla.redhat.com/show_bug.cgi?id=1317383
1317383 – (CVE-2016-3134) CVE-2016-3134 kernel: netfilter: missing bounds check in ipt_entry structureIssue Tracking
-
https://github.com/torvalds/linux/commit/54d83fc74aa9ec72794373cb47432c5f7fb1a309
netfilter: x_tables: fix unconditional helper · torvalds/linux@54d83fc · GitHubPatch;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html
[security-announce] SUSE-SU-2016:1696-1: important: Security update forThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html
[security-announce] SUSE-SU-2016:2006-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html
[security-announce] SUSE-SU-2016:2000-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html
[security-announce] SUSE-SU-2016:2005-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html
[security-announce] SUSE-SU-2016:2074-1: important: Security update for
-
http://www.securitytracker.com/id/1036763
Google Android Multiple Flaws Let Remote Users Deny Service and Execute Arbitrary Code and Let Applications Obtain Potentially Sensitive Information and Gain Elevated Privileges - SecurityTracker
-
http://www.ubuntu.com/usn/USN-2932-1
USN-2932-1: Linux kernel (Vivid HWE) vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html
[security-announce] SUSE-SU-2016:1672-1: important: Security update forThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html
[security-announce] SUSE-SU-2016:2014-1: important: Security update for
-
http://www.ubuntu.com/usn/USN-3050-1
USN-3050-1: Linux kernel (OMAP4) vulnerabilities | Ubuntu security notices
-
http://www.ubuntu.com/usn/USN-2931-1
USN-2931-1: Linux kernel (Utopic HWE) vulnerabilities | Ubuntu security notices
-
http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
Oracle VM Server for x86 Bulletin - October 2016
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html
[security-announce] SUSE-SU-2016:1690-1: important: Security update forThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html
[security-announce] SUSE-SU-2016:2001-1: important: Security update for
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
Oracle Linux Bulletin - October 2016
-
http://www.ubuntu.com/usn/USN-2929-2
USN-2929-2: Linux kernel (Trusty HWE) vulnerabilities | Ubuntu security notices
-
http://www.ubuntu.com/usn/USN-2929-1
USN-2929-1: Linux kernel vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html
[security-announce] openSUSE-SU-2016:1641-1: important: Security update
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html
[security-announce] SUSE-SU-2016:2010-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html
[security-announce] SUSE-SU-2016:1995-1: important: Security update for
-
http://rhn.redhat.com/errata/RHSA-2016-1847.html
RHSA-2016:1847 - Security Advisory - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/84305
Linux Kernel Local Memory Corruption and Integer Overflow Vulnerabilities
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html
[security-announce] SUSE-SU-2016:2002-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html
[security-announce] SUSE-SU-2016:2007-1: important: Security update for
-
http://www.ubuntu.com/usn/USN-3049-1
USN-3049-1: Linux kernel vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html
[security-announce] SUSE-SU-2016:1985-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html
[security-announce] SUSE-SU-2016:1994-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html
[security-announce] SUSE-SU-2016:2009-1: important: Security update for
-
http://www.ubuntu.com/usn/USN-2930-1
USN-2930-1: Linux kernel vulnerabilities | Ubuntu security notices
-
https://code.google.com/p/google-security-research/issues/detail?id=758
758 - project-zero - Monorail
-
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d83fc74aa9ec72794373cb47432c5f7fb1a309
kernel/git/torvalds/linux.git - Linux kernel source treeVendor Advisory
-
http://www.debian.org/security/2016/dsa-3607
Debian -- Security Information -- DSA-3607-1 linux
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
Oracle Linux Bulletin - July 2016
Jump to