Debian: CVE-2017-17712: linux -- security update
|7||(AV:L/AC:M/Au:N/C:C/I:C/A:C)||December 14, 2017||December 23, 2017||January 16, 2018|
The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!