Alibaba Cloud Linux 2.1903 Hotfix Security Advisory: HOTFIX-SA-2021:0012

Issued: 2021-07-21
Updated: 2021-07-21

Summary

kernel-hotfix security update

Severity

High

Description


A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. The compat IPT_SO_SET_REPLACE/IP6T_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem of the Linux kernel allows local users to gain privileges or cause a denial of service (heap memory corruption) via a user namespace. This vulnerability is very similar to CVE-2016-3134 (CVSSv3 8.4 High) and CVE-2016-4997 (CVSSv3 7.8 High).


References

Updated Packages