ALAS-2016-694 ---- kernel perfID: oval:org.secpod.oval:def:1600345 | Date: (C)2016-05-19 (M)2024-01-29 |
Class: PATCH | Family: unix |
An integer overflow vulnerability was found in xt_alloc_table_info, which on 32-bit systems can lead to small structure allocation and a copy_from_user based heap corruption. In the mark_source_chains function it is possible for a user-supplied ipt_entry structure to have a large next_offset field. This field is not bounds checked prior to writing a counter value at the supplied offset. A weakness was found in the Linux ASLR implementation. Any user able to run 32-bit applications in a x86 machine can disable the ASLR by setting the RLIMIT_STACK resource to unlimited. Destroying a network interface with a large number of IPv4 addresses keeps a rtnl_lock for a very long time, which can block many network-related operations
Platform: |
Amazon Linux AMI |