OVAL Reference oval:com.ubuntu.trusty:def:20164997000

Oval Definition:

oval:com.ubuntu.trusty:def:20164997000

Revision Date:	2016-07-03	Version:	1
Title:	CVE-2016-4997 on Ubuntu 14.04 LTS (trusty) - high.
Description:	The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2016-4997
Platform(s):	Ubuntu 14.04 LTS	Product(s):
Definition Synopsis
Ubuntu 14.04 LTS (trusty) is installed. AND Package Information The 'linux' package in trusty was vulnerable but has been fixed (note: '3.13.0-91.138'). OR NOT While related to the CVE in some way, the 'linux-aws' package in trusty is not affected (note: '4.4.0-1002.2'). OR NOT While related to the CVE in some way, the 'linux-azure' package in trusty is not affected (note: '4.15.0-1023.24~14.04.1'). OR While related to the CVE in some way, a decision has been made to ignore it. OR While related to the CVE in some way, a decision has been made to ignore it. OR While related to the CVE in some way, a decision has been made to ignore it. OR The 'linux-lts-utopic' package in trusty was vulnerable but has been fixed (note: '3.16.0-76.98~14.04.1'). OR The 'linux-lts-vivid' package in trusty was vulnerable but has been fixed (note: '3.19.0-64.72~14.04.1'). OR The 'linux-lts-wily' package in trusty was vulnerable but has been fixed (note: '4.2.0-41.48~14.04.1'). OR The 'linux-lts-xenial' package in trusty was vulnerable but has been fixed (note: '4.4.0-28.47~14.04.1'). OR While related to the CVE in some way, a decision has been made to ignore it. OR While related to the CVE in some way, a decision has been made to ignore it. OR While related to the CVE in some way, a decision has been made to ignore it.

BACK