Vulnerability CVE-2017-16995: Information
Description
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Fixed packages
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
DSA-4073 |
|
https://github.com/torvalds/linux/commit/95a762e2c8c942780948091f8f2a4f32fce1ac6f |
|
https://bugs.chromium.org/p/project-zero/issues/detail?id=1454 |
|
http://openwall.com/lists/oss-security/2017/12/21/2 |
|
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=95a762e2c8c942780948091f8f2a4f32fce1ac6f |
|
102288 |
|
USN-3523-2 |
|
44298 |
|
USN-3619-1 |
|
USN-3619-2 |
|
USN-3633-1 |
|
45010 |
|
45058 |
|
https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=a6132276ab5dcc38b3299082efeb25b948263adb |
|