PT-2017-10944 · Linux+2
Published: 2017-10-09 · Updated: 2018-04-11
CVE-2017-1000255
CVSS v2.0: 6.6 (Medium)
Vector: AV:L/AC:L/Au:N/C:N/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Linux versions 4.9-rc1 and later, with CONFIG_PPC_TRANSACTIONAL_MEM enabled
Description
A flaw in the Linux kernel allows a user process to craft a signal frame and trigger an exception, enabling an attacker to overwrite arbitrary kernel memory locations with arbitrary values. This occurs on Linux running on PowerPC hardware (Power8 or later) when a sigreturn is executed after crafting a signal frame. The exception handling produces an oops, and potentially a panic if panic_on_oops=1, but only after kernel memory has been overwritten.
Recommendations
For Linux versions 4.9-rc1 and later with CONFIG_PPC_TRANSACTIONAL_MEM enabled, consider disabling transactional memory (TM) support by setting CONFIG_PPC_TRANSACTIONAL_MEM to 'n' to mitigate the risk of exploitation.
Fix
Memory Corruption
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Linux
Ubuntu