Rapid7 Vulnerability & Exploit Database

Amazon Linux AMI: CVE-2016-3134: Security patch for kernel (ALAS-2016-694)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Amazon Linux AMI: CVE-2016-3134: Security patch for kernel (ALAS-2016-694)

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
04/27/2016
Created
07/25/2018
Added
04/28/2016
Modified
10/14/2022

Description

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

Solution(s)

  • amazon-linux-upgrade-kernel

References

  • RHSA-2016:1847
  • RHSA-2016:1875
  • RHSA-2016:1883
  • ALAS-2016-694
  • SUSE-SU-2016:1672
  • SUSE-SU-2016:1690
  • SUSE-SU-2016:1696
  • SUSE-SU-2016:1764
  • SUSE-SU-2016:1961
  • SUSE-SU-2016:1985
  • SUSE-SU-2016:1994
  • SUSE-SU-2016:1995
  • SUSE-SU-2016:2000
  • SUSE-SU-2016:2001
  • SUSE-SU-2016:2002
  • SUSE-SU-2016:2005
  • SUSE-SU-2016:2006
  • SUSE-SU-2016:2007
  • SUSE-SU-2016:2009
  • SUSE-SU-2016:2010
  • SUSE-SU-2016:2014
  • SUSE-SU-2016:2074
  • DLA-516-1
  • DSA-3607
  • 84305
  • 1036763
  • USN-2929-1
  • USN-2929-2
  • USN-2930-1
  • USN-2930-2
  • USN-2930-3
  • USN-2931-1
  • USN-2932-1
  • USN-3049-1
  • USN-3050-1
  • CVE-2016-3134
View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;