← back
CVE-2017-14489

CVE-2017-14489

EPSS 1.2%
The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/42932/unverifiedexploitdbwww.exploit-db.com/exploits/42932unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.redhat.com/show_bug.cgi?id=1490421https://patchwork.kernel.org/patch/9923803/https://usn.ubuntu.com/3583-1/https://usn.ubuntu.com/3583-2/https://www.exploit-db.com/exploits/42932/http://www.debian.org/security/2017/dsa-3981http://www.securityfocus.com/bid/101011