Описание
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- ExploitThird Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
EPSS
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
Связанные уязвимости
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.
net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local ...
Security update for the Linux Kernel (Live Patch 32 for SLE 12)
Security update for the Linux Kernel (Live Patch 31 for SLE 12)
EPSS
7.8 High
CVSS3
4.6 Medium
CVSS2