vulnerability
SUSE: CVE-2017-17712: SUSE Linux Security Advisory
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:L/AC:M/Au:N/C:C/I:C/A:C) | Dec 15, 2017 | Feb 9, 2018 | Feb 4, 2022 |
Severity
7
CVSS
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Published
Dec 15, 2017
Added
Feb 9, 2018
Modified
Feb 4, 2022
Description
The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.
Solution(s)
suse-upgrade-kernel-azure-basesuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-extrasuse-upgrade-kernel-default-mansuse-upgrade-kernel-devel-azuresuse-upgrade-kernel-docssuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-source-azure
References
- SUSE-SUSE-SU-2018:0269-1
- SUSE-SUSE-SU-2018:0272-1
- SUSE-SUSE-SU-2018:0273-1
- SUSE-SUSE-SU-2018:0277-1
- SUSE-SUSE-SU-2018:0278-1
- SUSE-SUSE-SU-2018:0280-1
- SUSE-SUSE-SU-2018:0281-1
- SUSE-SUSE-SU-2018:0282-1
- SUSE-SUSE-SU-2018:0294-1
- SUSE-SUSE-SU-2018:0296-1
- SUSE-SUSE-SU-2018:0297-1
- SUSE-SUSE-SU-2018:0298-1
- SUSE-SUSE-SU-2018:0301-1
- SUSE-SUSE-SU-2018:0340-1
- SUSE-SUSE-SU-2018:0345-1
- SUSE-SUSE-SU-2018:0346-1
- SUSE-SUSE-SU-2018:0347-1
- SUSE-SUSE-SU-2018:0383-1
- SUSE-SUSE-SU-2018:0416-1
- SUSE-SUSE-SU-2018:0431-1
- SUSE-SUSE-SU-2018:0433-1
- SUSE-SUSE-SU-2018:0436-1
- SUSE-SUSE-SU-2018:0482-1
- SUSE-SUSE-SU-2018:0986-1
- REDHAT-RHSA-2018:0502
- UBUNTU-USN-3581-1
- UBUNTU-USN-3581-2
- UBUNTU-USN-3581-3
- UBUNTU-USN-3582-1
- UBUNTU-USN-3582-2
- DEBIAN-DSA-4073
- NVD-CVE-2017-17712

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.