Wind River Support Network

HomeDefectsLIN9-5897

Fixed

LIN9-5897 : Security Advisory - linux - CVE-2017-16939

Created: Nov 30, 2017 Updated: Dec 3, 2018

Resolved Date: Dec 25, 2017

Found In Version: 9.0.0.12

Fix Version: 9.0.0.14

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Kernel

Description

The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.

https://nvd.nist.gov/vuln/detail/CVE-2017-16939

Other Downloads

Wind River Linux 9.0.0.14
Wind River Linux 9.0.0.15
Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2017-16939