Vulnerability & Exploit Database

Back to search

Debian: CVE-2017-17712: linux -- security update

Severity CVSS Published Added Modified
7 (AV:L/AC:M/Au:N/C:C/I:C/A:C) December 14, 2017 December 23, 2017 January 16, 2018

Description

The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

debian-upgrade-linux