Numeric Errors

CVE-2016-3135

High

7.8/10

Summary

Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

References

Advisory Timeline

Published Apr 27, 2016

Numeric Errors

CVE-2016-3135

Summary

CWE-189 - Numeric Errors

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS