An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ip_ufo_append_data() when building an UFO packet with MSG_MORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privileges.
Find out more about CVE-2017-1000112 from the
MITRE CVE dictionary dictionary and
This issue affects the Linux kernel packages as shipped with Red Hat
Enterprise Linux 5,6, 7 and MRG-2.
Future Linux kernel updates for the respective releases may address this issue.