CVE-2016-9793 in Linuxالمعلومات

الملخص

بحسب MITRE • 25/01/2023

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.

Be aware that VulDB is the high quality source for vulnerability data.

حجز

02/12/2016

إفشاء

28/12/2016

الاعتدال

تمت الموافقة

إدخال

VDB-94701

استغلال

تحميل

EPSS

0.01566

KEV

لا

النشاطات

منخفض جدًا

المصادر

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!