PRIOn knowledge base: PRION:CVE-2017-16939
History: Nov 24, 2017 - 10:29 a.m.

Design/Logic Flaw

PRIOn knowledge base
www.prio-n.com

AI Score: 7.1 (Confidence: High)

EPSS: 0 (Percentile: 0.4%)

The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.