critical remote-attackable CVE-2016-7117 in kernel/net: Fix use after free in the recvmmsg exit path [released]

Tracked by Jolla (In release)

asked 2017-04-06 18:47:34 +0200

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2017-04-06 18:47:34 +0200

lpr gravatar image

CVSS Base Score3: 9.8 critical remote

Description

Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

patch is available, so please fix it as soon as possible...

edit retag flag offensive reopen delete

The question has been closed for the following reason "released in a software update" by lpr
close date 2017-06-14 18:05:14.456498

Comments

1

@lpr Thank you for efforts of reporting vulnerabilities!

alloj ( 2017-04-06 20:46:17 +0200 )edit

@jovirkku how about a "tracked by jolla" in this case, too?

lpr ( 2017-04-07 14:24:02 +0200 )edit

@lpr : released in 2.1.1.12/Jämsänjoki same as (duplicate) CVE-2016-2061 (so JollaC fixed in 2.0.4 fiskarsinjoki)

lpr ( 2017-06-14 18:05:02 +0200 )edit