Описание
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| linux | fixed | 4.9.18-1 | package | |
| linux | fixed | 3.16.43-1 | jessie | package |
Примечания
Fixed by: https://git.kernel.org/linus/2b6867c2ce76c596676bec7d2d525af525fdc6e2
Fixed by: https://git.kernel.org/linus/8f8d28e4d6d815a391285e121c3a53a0b6cb9e7b
Fixed by: https://git.kernel.org/linus/bcc5364bdcfe131e6379363f089e7b4108d35b70
https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html
EPSS
Связанные уязвимости
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.
Security update for Linux Kernel Live Patch 19 for SLE 12
Security update for Linux Kernel Live Patch 15 for SLE 12
EPSS