CVE-2017-7533
CVE-2017-7533
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.
Affected products
n/a · Linux kernel through 4.12.4public PoCs found — 1
exploitdbwww.exploit-db.com/exploits/44302unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=49d31c2f389acfe83417083e1208422b4091cd9ehttp://openwall.com/lists/oss-security/2017/08/03/2https://access.redhat.com/errata/RHSA-2017:2473https://access.redhat.com/errata/RHSA-2017:2585https://access.redhat.com/errata/RHSA-2017:2669https://access.redhat.com/errata/RHSA-2017:2770https://access.redhat.com/errata/RHSA-2017:2869https://bugzilla.redhat.com/show_bug.cgi?id=1468283https://github.com/torvalds/linux/commit/49d31c2f389acfe83417083e1208422b4091cd9ehttps://patchwork.kernel.org/patch/9755753/https://patchwork.kernel.org/patch/9755757/https://source.android.com/security/bulletin/2017-12-01