Описание
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| linux | fixed | 4.9.10-1 | package |
Примечания
Fixed by: https://github.com/torvalds/linux/commit/34b2cef20f19c87999fff3da4071e66937db9644 (v4.10-rc8)
Introduced by: https://github.com/torvalds/linux/commit/f84af32cbca70a3c6d30463dc08c7984af11c277 (v2.6.35-rc1)
Связанные уязвимости
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
Security update for Linux Kernel Live Patch 12 for SLE 12 SP1
Security update for Linux Kernel Live Patch 3 for SLE 12 SP2