Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel 缓冲区错误漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.4.99及之前的版本中的net/core/sock.c文件的‘sock_setsockopt’函数存在安全漏洞,该漏洞源于程序没有正确的处理‘sk_sndbuf’和‘sk_rcvbuf’的负值。本地攻击者可借助带有SO_SNDBUF或SO_RCVBUF选项的setsockopt系统调用利用该漏洞造成拒绝服务(内存损坏
CVSS Information
N/A
Vulnerability Type
N/A