CVE-2017-6353 in Linuxالمعلومات

الملخص

بحسب MITRE

net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

حجز

26/02/2017

إفشاء

01/03/2017

الاعتدال

تمت الموافقة

إدخال

VDB-97449

EPSS

0.00374

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!