CVE-2017-7542

Published: Jul 21, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.

Vendor	Product	Versions
n/a	Linux kernel versions up to and including 4.12	affected `Linux kernel versions up to and including 4.12`

Weaknesses (CWE)

CWE-190

References

DSA-3927

vendor-advisory

x_refsource_DEBIAN

RHSA-2018:0169

vendor-advisory

x_refsource_REDHAT

USN-3583-2

vendor-advisory

x_refsource_UBUNTU

RHSA-2017:2918

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2931

vendor-advisory

x_refsource_REDHAT

99953

vdb-entry

x_refsource_BID

https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

x_refsource_CONFIRM

USN-3583-1

vendor-advisory

x_refsource_UBUNTU

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6399f1fae4ec29fab5ec76070435555e256ca3a6

x_refsource_CONFIRM

DSA-3945

vendor-advisory

x_refsource_DEBIAN

https://github.com/torvalds/linux/commit/6399f1fae4ec29fab5ec76070435555e256ca3a6

x_refsource_CONFIRM

RHSA-2017:2930

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-7542

Description

Affected Products

Weaknesses (CWE)

References