Integer Overflow and Memory Corruption Vulnerability in Linux Kernel's BPF Verifier
CVE-2017-17854 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.