{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-04-27T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-01-06T16:15:54", "orgId": "f81092c5-7f14-476d-80dc-24857f90be84", "shortName": "microfocus"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://code.google.com/p/google-security-research/issues/detail?id=758"}, {"name": "USN-2930-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2930-1"}, {"name": "USN-3054-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3054-1"}, {"name": "USN-2930-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2930-2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/d157bd761585605b7882935ffb86286919f62ea1"}, {"name": "USN-3055-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3055-1"}, {"name": "USN-3056-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3056-1"}, {"name": "USN-2930-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2930-3"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d157bd761585605b7882935ffb86286919f62ea1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317386"}, {"name": "USN-3057-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3057-1"}, {"name": "84305", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/84305"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@microfocus.com", "ID": "CVE-2016-3135", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://code.google.com/p/google-security-research/issues/detail?id=758", "refsource": "MISC", "url": "https://code.google.com/p/google-security-research/issues/detail?id=758"}, {"name": "USN-2930-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2930-1"}, {"name": "USN-3054-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3054-1"}, {"name": "USN-2930-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2930-2"}, {"name": "https://github.com/torvalds/linux/commit/d157bd761585605b7882935ffb86286919f62ea1", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/d157bd761585605b7882935ffb86286919f62ea1"}, {"name": "USN-3055-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3055-1"}, {"name": "USN-3056-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3056-1"}, {"name": "USN-2930-3", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2930-3"}, {"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d157bd761585605b7882935ffb86286919f62ea1", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d157bd761585605b7882935ffb86286919f62ea1"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1317386", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317386"}, {"name": "USN-3057-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3057-1"}, {"name": "84305", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84305"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:47:57.230Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://code.google.com/p/google-security-research/issues/detail?id=758"}, {"name": "USN-2930-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2930-1"}, {"name": "USN-3054-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3054-1"}, {"name": "USN-2930-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2930-2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/d157bd761585605b7882935ffb86286919f62ea1"}, {"name": "USN-3055-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3055-1"}, {"name": "USN-3056-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3056-1"}, {"name": "USN-2930-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2930-3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d157bd761585605b7882935ffb86286919f62ea1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317386"}, {"name": "USN-3057-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3057-1"}, {"name": "84305", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/84305"}]}]}, "cveMetadata": {"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84", "assignerShortName": "microfocus", "cveId": "CVE-2016-3135", "datePublished": "2016-04-27T17:00:00", "dateReserved": "2016-03-13T00:00:00", "dateUpdated": "2024-08-05T23:47:57.230Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A46BB08-BDDE-4A5A-BF6A-FC422CB19757", "versionEndExcluding": "4.4.21", "versionStartIncluding": "4.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "628AFDA5-6C82-4DB8-8280-D1D7C58BBFE7", "versionEndExcluding": "4.6", "versionStartIncluding": "4.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call."}, {"lang": "es", "value": "Desbordamientos de enteros en la funci\u00f3n xt_alloc_table_info en net/netfilter/x_tables.c en el kernel de Linux hasta la versi\u00f3n 4.5.2 en plataformas de 32-bit permite a usuarios locales obtener privilegios o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria din\u00e1mica) a trav\u00e9s de una llamada IPT_SO_SET_REPLACE setsockopt."}], "evaluatorComment": "CWE-190: Integer Overflow or Wraparound", "id": "CVE-2016-3135", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-04-27T17:59:23.850", "references": [{"source": "security@opentext.com", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d157bd761585605b7882935ffb86286919f62ea1"}, {"source": "security@opentext.com", "url": "http://www.securityfocus.com/bid/84305"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2930-1"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2930-2"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-2930-3"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-3054-1"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-3055-1"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-3056-1"}, {"source": "security@opentext.com", "url": "http://www.ubuntu.com/usn/USN-3057-1"}, {"source": "security@opentext.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317386"}, {"source": "security@opentext.com", "url": "https://code.google.com/p/google-security-research/issues/detail?id=758"}, {"source": "security@opentext.com", "url": "https://github.com/torvalds/linux/commit/d157bd761585605b7882935ffb86286919f62ea1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d157bd761585605b7882935ffb86286919f62ea1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/84305"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2930-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2930-2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-2930-3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-3054-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-3055-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-3056-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-3057-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317386"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://code.google.com/p/google-security-research/issues/detail?id=758"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/torvalds/linux/commit/d157bd761585605b7882935ffb86286919f62ea1"}], "sourceIdentifier": "security@opentext.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}, {"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: netfilter: size overflow in x_tables", "id": "1317386", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317386"}, "csaw": false, "cvss": {"cvss_base_score": "6.2", "cvss_scoring_vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "status": "draft"}, "cwe": "CWE-190", "details": ["Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.", "An integer overflow vulnerability was found in the Linux kernel in xt_alloc_table_info, which on 32-bit systems can lead to small structure allocation and a copy_from_user based heap corruption."], "name": "CVE-2016-3135", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "realtime-kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2016-03-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-3135\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-3135"], "statement": "This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, as the code with the flaw is not present in the products listed.\nThis issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 and MRG-2, as 32-bit versions of the products listed are not shipped by the Red Hat.", "threat_severity": "Low"}

{}