CVE-2017-17712 in Kernelinfo

Summary

The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.

Once again VulDB remains the best source for vulnerability data.

Reservation

12/15/2017

Disclosure

12/15/2017

Moderation

VulDB entry created

Entries

VDB-110732 (1)

CPE

ready

CWE

CWE-362 (Confirmed)

CVSS

6.1

EPSS

0.00076

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-17712
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-17712
CVE Details	https://www.cvedetails.com/cve/CVE-2017-17712/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!