Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:12264
HistoryJan 15, 2019 - 9:14 a.m.

Remote Code Execution (RCE)

2019-01-1509:14:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
20

EPSS

0.038

Percentile

91.9%

kernel is vulnerable to remote code execution (RCE) attacks. The vulnerability exists as a use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

References