Wind River Support Network


SCP7-417 : Security Advisory - linux - CVE-2016-4998

Created: Jun 29, 2016    Updated: Sep 8, 2018
Resolved Date: Aug 10, 2016
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Kernel


An out-of-bounds heap memory access, leading to a Denial of Service or possibly heap disclosure or further impact was found in setsockopt(). The particular setsockopt() call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw.

Upstream fixes

Discussion on oss-sec: 

Other Downloads

Live chat