Description: out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt
References:
Notes:
Bugs:
upstream: released (4.7-rc1) [7d35812c3214afa5b37a675113555259cfd67b98, a08e4e190b866579896c09af59b3bdca821da2cd, 7ed2abddd20cf8f6bd27f65bd218f26fa5bf7f44, 13631bfc604161a9d69cd68991dff8603edd66f9, b7eba0f3515fca3296b8881d583f7c1042f5226]
3.16-upstream-stable: released (3.16.37) [netfilter-x_tables-add-and-use-xt_check_entry_offsets.patch, netfilter-x_tables-assert-minimum-target-size.patch, netfilter-x_tables-check-standard-target-size-too.patch, netfilter-x_tables-validate-all-offsets-and-sizes-in-a-rule.patch, netfilter-x_tables-don-t-reject-valid-target-size-on-some.patch]
3.2-upstream-stable: ignored "too many changes required, and netfilter is not exposed to unprivileged users"
sid: released (4.6.2-2) [bugfix/all/netfilter-x_tables-add-and-use-xt_check_entry_offset.patch, bugfix/all/netfilter-x_tables-assert-minimum-target-size.patch, bugfix/all/netfilter-x_tables-check-standard-target-size-too.patch, bugfix/all/netfilter-x_tables-validate-all-offsets-and-sizes-in.patch, bugfix/all/netfilter-x_tables-don-t-reject-valid-target-size-on.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/all/netfilter-x_tables-add-and-use-xt_check_entry_offset.patch, bugfix/all/netfilter-x_tables-assert-minimum-target-size.patch, bugfix/all/netfilter-x_tables-check-standard-target-size-too.patch, bugfix/all/netfilter-x_tables-validate-all-offsets-and-sizes-in.patch, bugfix/all/netfilter-x_tables-don-t-reject-valid-target-size-on.patch]
3.2-wheezy-security: ignored "too many changes required, and netfilter is not exposed to unprivileged users"