Launchpad CVE tracker

CVE 2016-4998

The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.

Related bugs and status

CVE-2016-4998 (Candidate) is related to these bugs:

Bug #1239087: Safely remove is not working (or broken) in Gnome Disks

Summary				In	Importance	Status
	1239087	Safely remove is not working (or broken) in Gnome Disks		gnome-disk-utility (Ubuntu)	Undecided	New

Bug #792085: Automatic remount of safely removed USB 3.0 drive

		In	Importance	Status
792085	Automatic remount of safely removed USB 3.0 drive	linux (Fedora)	Undecided	Fix Released
792085	Automatic remount of safely removed USB 3.0 drive	linux (openSUSE)	Medium	Fix Released
792085	Automatic remount of safely removed USB 3.0 drive	linux (Ubuntu)	Medium	Fix Released
792085	Automatic remount of safely removed USB 3.0 drive	linux (Ubuntu Yakkety)	Medium	Fix Released
792085	Automatic remount of safely removed USB 3.0 drive	linux (Ubuntu Xenial)	Medium	Fix Released
792085	Automatic remount of safely removed USB 3.0 drive	linux (Ubuntu Trusty)	Medium	Triaged

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2016-4998

References