CVE-2016-9793
CVSS v3.1
7.8 (High)
CVSS v2.0
7.2 (High)
EPSS
0.04 % (17th)
Affected Products
1
Advisories
26
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.
Weaknesses
- CWE-119
- Improper Restriction of Operations within the Bounds of a Memory Buffer
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2016-12-28 07:59:00
(7 years ago) - Updated Date
-
2023-01-17 21:05:19
(20 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...