redhatcve | Redhat.com | RH:CVE-2017-16996
History: Mar 08, 2020 - 1:43 p.m.

CVE-2017-16996

2020-03-08 13:43:55
redhat.com
access.redhat.com

EPSS: 0.0004 (Low)
Percentile: 5.1%

An arbitrary memory read/write access issue was found in the Linux kernel compiled with eBPF bpf(2) system call (CONFIG_BPF_SYSCALL) support. The issue could occur due to calculation errors in the eBPF verifier module, triggered by a user-supplied malicious BPF program. An unprivileged user could use this flaw to escalate their privileges on a system. Setting the parameter “kernel.unprivileged_bpf_disabled=1” prevents such privilege escalation by restricting access to the bpf(2) call.
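One way to audit the mitigation named above, as an added example that is not Red Hat's code: it reports whether the sysctl is set at runtime and whether it is also persisted in configuration so it survives a reboot. The function names are hypothetical, and the order in which the config files are passed is assumed to match the order the host applies them.

```shell
#!/bin/sh
# Added example: audit kernel.unprivileged_bpf_disabled (runtime and persisted).
# Function names are hypothetical; paths are parameters so constructed files can be used.

# runtime_state FILE: classify the value the kernel currently exposes.
runtime_state() {
    [ -r "$1" ] || { echo absent; return; }   # no sysctl, e.g. kernel built without bpf(2)
    case "$(cat "$1")" in
        0) echo open ;;        # unprivileged bpf(2) allowed
        1) echo locked ;;      # disabled; cannot be set back to 0 until reboot
        2) echo admin-only ;;  # newer kernels: disabled, a privileged user may change it
        *) echo unknown ;;
    esac
}

# persisted_value FILE...: last assignment found wins (files given in application order).
persisted_value() {
    val=""
    for f in "$@"; do
        [ -r "$f" ] || continue
        # Matches "kernel.unprivileged_bpf_disabled = N", also the "/" separator and a
        # leading "-"; lines commented out with "#" or ";" do not match.
        v=$(sed -n 's|^[[:space:]]*-\{0,1\}kernel[./]unprivileged_bpf_disabled[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$|\1|p' "$f" | tail -n 1)
        if [ -n "$v" ]; then val=$v; fi
    done
    echo "${val:-unset}"
}

# audit_bpf_mitigation PROC_FILE [CONF_FILE...]: combine both views into one verdict.
audit_bpf_mitigation() {
    proc=$1; shift
    rt=$(runtime_state "$proc")
    pv=$(persisted_value "$@")
    case "$rt:$pv" in
        absent:*)                    echo not-applicable ;;
        open:*)                      echo exposed ;;       # unprivileged users can call bpf(2)
        locked:[12]|admin-only:[12]) echo mitigated ;;     # set now and at next boot
        locked:*|admin-only:*)       echo runtime-only ;;  # lost on reboot
        *)                           echo unknown ;;
    esac
}

# Live check; the file order here is an assumption about how this host applies sysctl config.
audit_bpf_mitigation /proc/sys/kernel/unprivileged_bpf_disabled /etc/sysctl.d/*.conf /etc/sysctl.conf
```

A `runtime-only` result means the setting was applied with `sysctl -w` or similar but no configuration file carries it, so the host returns to its default after a reboot.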
