Linux kernel CVE-2017-9077 Local Denial of Service Vulnerability
by CIRT Team
Description: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.
Impact: An attacker can exploit this issue to cause a local denial-of-service condition.
Mitigation: Updates are available. Please check specific vendor advisory for more information.
- https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52 https://patchwork.ozlabs.org/patch/760370/