Wind River Support Network

HomeDefectsLIN9-5877

Fixed

LIN9-5877 : Security Advisory - linux - CVE-2017-12193

Created: Nov 30, 2017 Updated: Dec 3, 2018

Resolved Date: Dec 25, 2017

Found In Version: 9.0.0.12

Fix Version: 9.0.0.14

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Kernel

Description

The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.

https://nvd.nist.gov/vuln/detail/CVE-2017-12193

Other Downloads

Wind River Linux 9.0.0.14
Wind River Linux 9.0.0.15
Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2017-12193