Debian: CVE-2017-17712: linux -- security update
|7||(AV:L/AC:M/Au:N/C:C/I:C/A:C)||December 15, 2017||December 24, 2017||January 17, 2018|
The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!