Wind River Support Network

HomeDefectsSCP6-990
Fixed

SCP6-990 : Security Advisory - linux - CVE-2017-9074

Created: May 25, 2017    Updated: Dec 3, 2018
Resolved Date: Sep 25, 2017
Found In Version: 6.0.0.33
Fix Version: 6.0.0.35
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Kernel

Description

The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.

https://nvd.nist.gov/vuln/detail/CVE-2017-9074

Other Downloads


Live chat
Online