Other IDs this deficiency may be known by:
|Date Last Modified
Version Specific Information:
|Cucumber 1.0 i686||fixed in linux-4.9.51-i686-1 |
|Cucumber 1.0 x86_64||fixed in linux-4.9.51-x86_64-1 |
|Cucumber 1.1 i686
||fixed in linux-4.9.51-i686-1 |
|Cucumber 1.1 x86_64
||fixed in linux-4.9.51-x86_64-1 |
The tpacket_rcv function in net/packet/af_packet.c in the Linux kernel before
4.13 mishandles vnet headers, which might allow local users to cause a denial of
service (buffer overflow, and disk and memory corruption) or possibly have
unspecified other impact via crafted system calls
There is a patch available at https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=edbd58be15a957f6a760c4a514cd475217eb97fd.
This patch has been applied in the 4.13 version but (as of Fri Sep 15 16:46:48
EDT 2017) has yet to be applied to the 4.9 stable branch.
**EDIT** As of Wed Sep 20 13:08:31 EDT 2017 this patch has been applied to the
4.9.51 version of the Linux kernel.