617506 – (CVE-2017-2671) Kernel CVE-2017-2671 ping socket / AF_LLC connect() sin_family race

Bug 617506 (CVE-2017-2671) - Kernel CVE-2017-2671 ping socket / AF_LLC connect() sin_family race

Summary: Kernel CVE-2017-2671 ping socket / AF_LLC connect() sin_family race

Status:	RESOLVED FIXED

Alias:	CVE-2017-2671

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Kernel Security

URL:	https://bugzilla.redhat.com/show_bug....
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2017-05-04 18:24 UTC by Volkan
Modified:	2022-03-25 23:00 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Volkan 2017-05-04 18:24:17 UTC

A race condition, leading to a NULL pointer dereference, was found in the Linux kernel's Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to corrupt kernel memory leading to a kernel crash or privilege escalation. 

References:

http://seclists.org/oss-sec/2017/q1/675

CVE assignment:

http://seclists.org/oss-sec/2017/q2/17

Patch:

http://seclists.org/oss-sec/2017/q1/677

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=43a6684519ab0a6c52024b5e25322476cabad893

Upstream patch:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43a6684519ab0a6c52024b5e25322476cabad893

Comment 1 John Helmert III archtester

2022-03-25 23:00:37 UTC

Fix in 4.9.26, 4.11