Linux kernel CVE-2017-7487 : ‘net/ipx/af_ipx.c’ Use After Free Local Denial of Service Vulnerability
by CIRT Team
Description: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.
Impact: An attacker can exploit this issue to cause a local denial-of-service condition.
Mitigation: Updates are available. Please check specific vendor advisory for more information.
Reference URL’s:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7487
- http://www.securityfocus.com/bid/98439/info
- https://bugzilla.redhat.com/show_bug.cgi?id=1447734
- https://github.com/torvalds/linux/commit/ee0d8d8482345ff97a75a7d747efc309f13b0d80
Recommended Posts
Cyber Threat Alert: Surge in Attacks via Compromised Third-Party Service Providers
08 Feb 2024 - Articles, English articles, Security Advisories & Alerts
Subscribe here
MEMBER OF:
