The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2016-11-16T04:49:00
Updated: 2024-08-06T02:13:20.955Z
Reserved: 2016-09-09T00:00:00
Link: CVE-2016-7917
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2016-11-16T05:59:11.970
Modified: 2016-12-02T23:13:07.220
Link: CVE-2016-7917
Redhat