CVE-2017-9150 in Linuxinformazioni

Riassunto

di MITRE

The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system calls.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

22/05/2017

Divulgazione

22/05/2017

Moderazione

accettato

Voce

VDB-101623

CPE

pronto

CWE

CWE-200 (confermato)

Sfruttamento

Scaricare

CVSS

5.5 (NVD)

EPSS

0.01261

KEV

Attività

molto basso

Settore

Education, Agriculture, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-9150
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-9150
CVE Details	https://www.cvedetails.com/cve/CVE-2017-9150/

◂ Precedente Visione D'ensemble Il prossimo ▸

Interested in the pricing of exploits?

See the underground prices here!