Vulnerability & Exploit Database

Back to search

SUSE: CVE-2017-12193: SUSE Linux Security Advisory

Severity CVSS Published Added Modified
5 (AV:L/AC:L/Au:N/C:N/I:N/A:C) November 18, 2017 December 04, 2017 June 21, 2018

Description

The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

suse-upgrade-kernel-default

Related Vulnerabilities