vulnerability
SUSE: CVE-2012-6704: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Dec 28, 2016 | Apr 26, 2018 | Jun 21, 2018 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Dec 28, 2016
Added
Apr 26, 2018
Modified
Jun 21, 2018
Description
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.
Solutions
suse-upgrade-kernel-bigmemsuse-upgrade-kernel-bigmem-basesuse-upgrade-kernel-bigmem-develsuse-upgrade-kernel-bigsmpsuse-upgrade-kernel-bigsmp-basesuse-upgrade-kernel-bigsmp-develsuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-basesuse-upgrade-kernel-default-develsuse-upgrade-kernel-default-mansuse-upgrade-kernel-docssuse-upgrade-kernel-ec2suse-upgrade-kernel-ec2-basesuse-upgrade-kernel-ec2-develsuse-upgrade-kernel-paesuse-upgrade-kernel-pae-basesuse-upgrade-kernel-pae-develsuse-upgrade-kernel-ppc64suse-upgrade-kernel-ppc64-basesuse-upgrade-kernel-ppc64-develsuse-upgrade-kernel-sourcesuse-upgrade-kernel-symssuse-upgrade-kernel-tracesuse-upgrade-kernel-trace-basesuse-upgrade-kernel-trace-develsuse-upgrade-kernel-xensuse-upgrade-kernel-xen-basesuse-upgrade-kernel-xen-devel
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.