The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
17 Jan 2023, 21:01
Type | Values Removed | Values Added |
---|---|---|
References | (REDHAT) https://access.redhat.com/errata/RHSA-2018:3822 - Third Party Advisory | |
References | (EXPLOIT-DB) https://www.exploit-db.com/exploits/45553/ - Third Party Advisory, VDB Entry | |
References | (CONFIRM) https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0 - Third Party Advisory |
Information
Published : 2017-07-11 23:29
Updated : 2023-12-10 12:15
NVD link : CVE-2017-11176
Mitre link : CVE-2017-11176
CVE.ORG link : CVE-2017-11176
JSON object : View
Products Affected
linux
- linux_kernel
debian
- debian_linux
CWE
CWE-416
Use After Free