A security flaw exists in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel up to and including 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.04 |