CVE-2017-6347 in Linuxالمعلومات

الملخص

بحسب MITRE

The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

المصادر

Interested in the pricing of exploits?

See the underground prices here!