Vulnerability & Exploit Database

Back to search

SUSE: CVE-2017-12193: SUSE Linux Security Advisory

Severity CVSS Published Added Modified
4 (AV:L/AC:M/Au:N/C:P/I:P/A:P) November 17, 2017 December 03, 2017 December 04, 2017

Description

The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

suse-upgrade-kernel-default

Related Vulnerabilities