Double Fetch Vulnerability in Linux Kernel's sound/oss/msnd_pinnacle.c

Double Fetch Vulnerability in Linux Kernel's sound/oss/msnd_pinnacle.c

CVE-2017-9986 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "double fetch" vulnerability.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.