CVE-2016-3134
Published Apr 27, 2016
Last updated a year ago
Overview
- Description
- The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
- Source
- security@opentext.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 8.4
- Impact score
- 5.9
- Exploitability score
- 2.5
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:11.0:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5FDEDA8-6F51-4945-B443-438CC987F235"
},
{
"criteria": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "336EC5B8-6FD8-42BB-9530-58A15238CEE1"
},
{
"criteria": "cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01E6CAD9-DC1F-4C7C-8C8E-98E4BFABAC94"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_debuginfo:11.0:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E090E7B3-2346-463D-8A0C-8B482500CB42"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA04C9F1-6257-4D82-BA0B-37DE66D94736"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6359EF76-9371-4418-8694-B604CF02CF63"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_live_patching:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CCAAE4A1-D542-43F3-B7FC-685BCDB248D5"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_module_for_public_cloud:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A961CBC6-3CA1-4A0F-BBE0-8F6315781B7C"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2905A9C-3E00-4188-8341-E5C2F62EF405"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:extra:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8877923-3E50-4F71-B501-E6997894D07E"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:11.0:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADE9D807-6690-4D67-A6B3-68BBC9B50153"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "81D94366-47D6-445A-A811-39327B150FCD"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_workstation_extension:12.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DF461FB4-8BA5-4065-9A69-DC017D3611C3"
},
{
"criteria": "cpe:2.3:o:novell:suse_linux_enterprise_workstation_extension:12.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F003591-0639-476C-A014-03F06A274880"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E93DE20-F6CD-4B8B-836D-7844A2697466",
"versionEndIncluding": "4.5.2"
}
],
"operator": "OR"
}
]
}
]