CVE-2017-9242

Impact:
Moderate
Public Date:
2017-05-19
CWE:
CWE-787
Bugzilla:
1456388: CVE-2017-9242 kernel: Incorrect overwrite check in __ip6_append_data()
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.

Find out more about CVE-2017-9242 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue does not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2.

CVSS v3 metrics

CVSS3 Base Score 5.5
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Impact None
Availability Impact High

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 7 (kernel) RHSA-2017:1842 2017-08-01
Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) RHSA-2017:2077 2017-08-01

Affected Packages State

Platform Package State
Red Hat Enterprise MRG 2 realtime-kernel Not affected
Red Hat Enterprise Linux 6 kernel Not affected
Red Hat Enterprise Linux 5 kernel Not affected

Last Modified
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.