Information Disclosure Vulnerability in Linux Kernel's do_check Function

Information Disclosure Vulnerability in Linux Kernel's do_check Function

CVE-2017-9150 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system calls.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.