Wind River Support Network

HomeDefectsLIN9-4291
Fixed

LIN9-4291 : Security Advisory - linux - CVE-2017-9074

Created: May 25, 2017    Updated: May 29, 2018
Resolved Date: Aug 10, 2017
Found In Version: 9.0.0.6
Fix Version: 9.0.0.8
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Kernel

Description

The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.

https://nvd.nist.gov/vuln/detail/CVE-2017-9074

Other Downloads


CVEs


Live chat
Online