Wind River Support Network

HomeDefectsLIN5-23124
Fixed

LIN5-23124 : Security Advisory - linux - CVE-2017-9074

Created: May 25, 2017    Updated: May 29, 2018
Resolved Date: Jul 20, 2017
Found In Version: 5.0.1.39
Fix Version: 5.0.1.41
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Kernel

Description

The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.

https://nvd.nist.gov/vuln/detail/CVE-2017-9074

Other Downloads


Live chat
Online