Home CVE Database CVE-2017-12193

CVE-2017-12193

Description

The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.

Priority: MEDIUM
CVSS v3: 5.5
Publish Date: Nov 22, 2017
Related ID: --
CVSS v2: Medium
Modified Date: Nov 22, 2017

Find out more about CVE-2017-12193 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

linux

Live chat
Online