CVE-2017-1000111 — Race Condition in Kernel
Severity
7.8HIGHNVD
EPSS
0.1%
top 82.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 5
Latest updateMay 13
Description
Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace.…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages6 packages
Also affects: Debian Linux 8.0, 9.0, Enterprise Linux 5.0, 6.0, 7.0, 7.4, 7.6, 7.5