Wind River Support Network

HomeDefectsLIN8-6763
Fixed

LIN8-6763 : Security Advisory - linux - CVE-2017-9074

Created: May 25, 2017    Updated: Dec 3, 2018
Resolved Date: Jun 15, 2017
Found In Version: 8.0.0.17
Fix Version: 8.0.0.19
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Kernel

Description

The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.

https://nvd.nist.gov/vuln/detail/CVE-2017-9074

Other Downloads


CVEs


Live chat
Online