CVE-2017-9986

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.11.8

Description The issue is related to the intr function in sound/oss/msnd pinnacle.c, which allows local users to cause a denial of service or possibly have other unspecified impacts. This is due to a "double fetch" vulnerability, where the value of a message queue head pointer can be changed between two kernel reads, resulting in over-boundary access. The vulnerability can be exploited by a local attacker to cause a denial of service or potentially other effects.

Recommendations For Linux kernel versions prior to 4.11.8, update to version 4.11.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the sound/oss/msnd pinnacle.c module to minimize the risk of exploitation.