CVE-2017-13715

2017-08-29T01:35:00
ID CVE-2017-13715
Type cve
Reporter cve@mitre.org
Modified 2017-09-08T20:55:00

Description

The __skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel before 4.3 does not ensure that n_proto, ip_proto, and thoff are initialized, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a single crafted MPLS packet.