PT-2017-2968 · Linux+1 · Linux Kernel+1

Benjamin Poirier

Publicado

2017-08-29

Atualizado

2023-01-19

CVE-2017-14497

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.13

Description The issue is related to the tpacket rcv function in the Linux kernel, which mishandles vnet headers. This might allow local users to cause a denial of service, including buffer overflow, and disk and memory corruption, or possibly have other unspecified impacts via crafted system calls.

Recommendations For Linux kernel versions prior to 4.13, update to version 4.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the tpacket rcv function to minimize the risk of exploitation.

Correção

DoS

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2017-2206

ALT-PU-2017-2269

BDU:2017-02293

CVE-2017-14497

DSA-3981-1

MGASA-2017-0381

MGASA-2017-0383

MGASA-2017-0384

Produtos afetados

Alt Linux

Linux Kernel

PT-2017-2968 · Linux+1 · Linux Kernel+1

CVE-2017-14497

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 40