Linux Kernel Setsockopt MCAST_MSFILTER Integer Overflow Vulnerability

An integer-overflow vulnerability has been reported in the Linux kernel's 'setsockopt()' system call. The flaw was introduced in the 2.4.22/2.6.1 kernel releases.

The issue resides in the 'net/ipv4/ip_sockglue.c' source file, in the 'ip_setsockopt()' subroutine of the 'setsockopt()' system call. Within this subroutine, an integer overflow occurs in the IP_MSFILTER_SIZE macro, which is used when setting the MCAST_MSFILTER socket option.
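The class of bug described above, as an added example that is not kernel source: a "fixed header plus per-source array" size computed in 32-bit arithmetic wraps for a large source count, shown beside a checked form that rejects such counts. The header size, the function names and the source-count cap are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed model of a filter: fixed header followed by numsrc 32-bit
 * addresses. HDR_BYTES is an assumed value, not taken from kernel headers. */
#define HDR_BYTES  16u
#define ELEM_BYTES 4u

/* Unchecked: the size is computed in 32-bit arithmetic and wraps mod 2^32. */
uint32_t msfilter_size_unchecked(uint32_t numsrc)
{
    return HDR_BYTES + numsrc * ELEM_BYTES;
}

/* Bytes that processing numsrc entries really touches (64-bit, no wrap). */
uint64_t bytes_needed(uint32_t numsrc)
{
    return (uint64_t)HDR_BYTES + (uint64_t)numsrc * ELEM_BYTES;
}

/* Checked: refuse counts above a policy cap (max_src, hypothetical) or
 * counts whose size cannot be represented, before doing any arithmetic. */
bool msfilter_size_checked(uint32_t numsrc, uint32_t max_src, uint32_t *out)
{
    if (numsrc > max_src)
        return false;
    if (numsrc > (UINT32_MAX - HDR_BYTES) / ELEM_BYTES)
        return false;
    *out = HDR_BYTES + numsrc * ELEM_BYTES;
    return true;
}

int main(void)
{
    /* Constructed sample counts: one ordinary, two that wrap. */
    const uint32_t counts[] = { 8u, 0x40000000u, 0x40000001u };
    for (size_t i = 0; i < sizeof counts / sizeof counts[0]; i++) {
        uint32_t n = counts[i], sz = 0;
        bool ok = msfilter_size_checked(n, UINT32_MAX, &sz);
        printf("numsrc=%#x allocated=%u needed=%llu checked=%s\n",
               (unsigned)n, (unsigned)msfilter_size_unchecked(n),
               (unsigned long long)bytes_needed(n), ok ? "accept" : "reject");
    }
    return 0;
}
```

The mismatch between the wrapped allocation size and the bytes actually needed is what turns the arithmetic error into memory corruption; validating the count before the multiplication removes it.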

A local attacker may exploit this issue to compromise the system or cause a denial of service. Note that this type of vulnerability may provide a generic means of privilege escalation across Linux distributions after a remote attacker has gained unauthorized access as a lower-privileged user.


 

Copyright 2010, SecurityFocus