CVE-2017-10661

2017-08-14T08:49:02
ID RH:CVE-2017-10661
Type redhatcve
Reporter redhat.com
Modified 2020-08-18T19:20:40

Description

A race condition was found in the 'fs/timerfd.c' file of the Linux kernel before version 4.11-rc1. It allows a local user to cause kernel list corruption or a use-after-free via simultaneous operations on a file descriptor that leverage improper 'might_cancel' queuing. An unprivileged local user could use this flaw to cause a denial of service of the system. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.