CVE-2017-2636

Sažetak

Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=1428319
http://www.openwall.com/lists/oss-security/2017/03/07/6
http://www.securityfocus.com/bid/96732
https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html
http://www.securitytracker.com/id/1037963
http://www.debian.org/security/2017/dsa-3804
https://access.redhat.com/errata/RHSA-2017:1488
https://access.redhat.com/errata/RHSA-2017:1233
https://access.redhat.com/errata/RHSA-2017:1232
https://access.redhat.com/errata/RHSA-2017:1126
https://access.redhat.com/errata/RHSA-2017:1125
https://access.redhat.com/errata/RHSA-2017:0986
https://access.redhat.com/errata/RHSA-2017:0933
https://access.redhat.com/errata/RHSA-2017:0932
https://access.redhat.com/errata/RHSA-2017:0931
https://access.redhat.com/errata/RHSA-2017:0892

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

24-02-2023 - 18:43

Objavljeno

07-03-2017 - 22:59