We have moved to a new Sailfish OS Forum. Please start new discussions there.
1 | initial version | posted 2017-05-11 15:27:59 +0200 |
Description
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c (and net/l2tp/l2tp_ip6.c. -- not in kernel-adaptation-sbj-3.4.108.20161101.1) CVSS v3:7.0 high/medium (attack range: local)
Upstream Patch available.
File affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/l2tp/l2tp_ip.c lines 254-261; 269-273
Description
Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c (and net/l2tp/l2tp_ip6.c. -- not in kernel-adaptation-sbj-3.4.108.20161101.1) CVSS v3:7.0 high/medium (attack range: local)
Upstream Patch available.
File affected: kernel-adaptation-sbj-3.4.108.20161101.1/net/l2tp/l2tp_ip.c lines 254-261; 269-273