CVE-2017-9150

2017-05-23T09:18:06
ID RH:CVE-2017-9150
Type redhatcve
Reporter redhat.com
Modified 2020-04-08T19:37:34

Description

The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system calls.