Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 617506 (CVE-2017-2671)

Summary: Kernel CVE-2017-2671 ping socket / AF_LLC connect() sin_family race
Product: Gentoo Security Reporter: Volkan <vBugZilla>
Component: KernelAssignee: Gentoo Kernel Security <security-kernel>
Status: UNCONFIRMED ---    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Package list:
Runtime testing required: ---

Description Volkan 2017-05-04 18:24:17 UTC
A race condition, leading to a NULL pointer dereference, was found in the Linux kernel's Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to corrupt kernel memory leading to a kernel crash or privilege escalation. 


CVE assignment:


Upstream patch: