The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel up to and including 4.9.9 allows malicious users to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |