Integer Signedness Error and Out-of-Bounds Write Vulnerability in Linux Kernel's packet_set_ring Function

Integer Signedness Error and Out-of-Bounds Write Vulnerability in Linux Kernel's packet_set_ring Function

CVE-2017-7308 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.