Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 363858430232455f0869bcc6fd5b932f598ea78a
commit363858430232455f0869bcc6fd5b932f598ea78a[log] [tgz]
authorTeow Wan Yee <wy.teow@hi-p.com>Fri Aug 26 16:53:10 2016 +0800
committerJeron Susan <jeron.susan@hi-p.com>Wed Aug 31 16:21:47 2016 +0800
tree38232c0f6e6e1683fe14d1120135db007f77e5d9
parent630c3562c940453af00f3ab79e90ae08eb276fc8 [diff]
FPII-2340: Information disclosure vulnerability in kernel networking
subsystem (device specific) CVE-2016-4998 A-29637687

The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem,
in the Linux kernel before 4.6, allows local users to cause a denial of service (out-of-bounds read)
or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to
provide a crafted offset value that leads to crossing a ruleset blob boundary.
The fix is designed to add additional bounds checks to prevent the information disclosure vulnerability.

Change-Id: Iddb544b809e9fd8ad034207bd3764579f47a5308
3 files changed
tree: 38232c0f6e6e1683fe14d1120135db007f77e5d9
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. AndroidKernel.mk
  25. COPYING
  26. CREDITS
  27. Kbuild
  28. Kconfig
  29. MAINTAINERS
  30. Makefile
  31. README
  32. REPORTING-BUGS