A race condition, leading to a NULL pointer dereference, was found in the Linux kernel's Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to corrupt kernel memory leading to a kernel crash or privilege escalation. References: http://seclists.org/oss-sec/2017/q1/675 CVE assignment: http://seclists.org/oss-sec/2017/q2/17 Patch: http://seclists.org/oss-sec/2017/q1/677 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=43a6684519ab0a6c52024b5e25322476cabad893 Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43a6684519ab0a6c52024b5e25322476cabad893
Fix in 4.9.26, 4.11