← back
CVE-2016-4998

CVE-2016-4998

18Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 1.9%
from disclosure to weapon0 days
Published on NVDJul 3
metasploitJun 3
exploitation probability
1.9%top 23% of all CVEs
observed exploitation
nono source reports it
The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.
Affected products
n/a · n/a