CVE-2017-7308
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.
| Software | From | Fixed in |
|---|---|---|
| linux / linux_kernel | 4.10 | 4.10.14 |
| linux / linux_kernel | 3.3 | 3.10.107 |
| linux / linux_kernel | 3.19 | 4.1.41 |
| linux / linux_kernel | 3.17 | 3.18.52 |
| linux / linux_kernel | 4.2 | 4.4.66 |
| linux / linux_kernel | 4.5 | 4.9.26 |
| linux / linux_kernel | 3.11 | 3.12.74 |
| linux / linux_kernel | 3.13 | 3.16.44 |
| linux / linux_kernel | 2.6.27 | 3.2.89 |
- http://www.securityfocus.com/bid/97234
- https://access.redhat.com/errata/RHSA-2017:1297
- https://access.redhat.com/errata/RHSA-2017:1298
- https://access.redhat.com/errata/RHSA-2017:1308
- https://access.redhat.com/errata/RHSA-2018:1854
- https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html
- https://patchwork.ozlabs.org/patch/744811/
- https://patchwork.ozlabs.org/patch/744812/
- https://patchwork.ozlabs.org/patch/744813/
- https://source.android.com/security/bulletin/2017-07-01
- https://www.exploit-db.com/exploits/41994/
- https://www.exploit-db.com/exploits/44654/
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime