Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2017-17857  

The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.

Source
Severity Medium

Remote No

Type Denial of service

Description 

The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel before 4.14.9 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.

AVG-574 linux-hardened 4.14.7.a-1 4.14.11.a-1 High Fixed FS#56832

AVG-571 linux-zen 4.14.7-1 4.14.11-1 High Fixed FS#56832

AVG-560 linux-lts 4.9.73-1 4.9.74-1 High Not affected FS#56832

AVG-552 linux 4.14.7-1 4.14.11-1 High Fixed FS#56832

05 Jan 2018 ASA-201801-4 AVG-574 linux-hardened High multiple issues

05 Jan 2018 ASA-201801-3 AVG-571 linux-zen High multiple issues

05 Jan 2018 ASA-201801-1 AVG-552 linux High multiple issues 

https://bugs.chromium.org/p/project-zero/issues/detail?id=1454
http://www.openwall.com/lists/oss-security/2017/12/21/2
https://git.kernel.org/linus/ea25f914dc164c8d56b36147ecc86bc65f83c469

Workaround by disabling unprivileged bpf:
sysctl -w kernel.unprivileged_bpf_disabled=1

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started