CVE-2017-13686

net/ipv4/route.c in the Linux kernel 4.13-rc1 through 4.13-rc6 is too late to check for a NULL fi field when RTM_F_FIB_MATCH is set, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via crafted system calls. NOTE: this does not affect any stable release.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:4.13:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:4.13:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:4.13:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:4.13:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:4.13:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:4.13:rc6:*:*:*:*:*:*

History

No history.

Information

Published : 2017-08-24 22:29

Updated : 2023-12-10 12:15


NVD link : CVE-2017-13686

Mitre link : CVE-2017-13686

CVE.ORG link : CVE-2017-13686


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-476

NULL Pointer Dereference