CVE-2017-18017
CVE-2017-18017
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2638fd0f92d4397884fd991d8f4925cb3f081901http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2018-02/msg00013.htmlhttp://lists.opensuse.org/opensuse-security-announce/2018-02/msg00015.htmlhttp://lists.opensuse.org/opensuse-security-announce/2018-02/msg00038.htmlhttp://lists.opensuse.org/opensuse-security-announce/2018-02/msg00047.htmlhttp://lists.opensuse.org/opensuse-security-announce/2018-03/msg00030.htmlhttp://lists.opensuse.org/opensuse-security-announce/2018-03/msg00067.htmlhttp://lists.opensuse.org/opensuse-security-announce/2018-03/msg00070.htmlhttp://lists.opensuse.org/opensuse-security-announce/2018-03/msg00072.htmlhttp://lists.opensuse.org/opensuse-security-announce/2018-04/msg00014.htmlhttp://patchwork.ozlabs.org/patch/746618/