Willem de Bruijn - Security Researcher - Exploit Intelligence Platform

CVE-2017-15649 WRITEUP HIGH WRITEUP

Linux Kernel < 4.13.6 - Use-After-Free via Packet Fanout Race Condition

net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.

CVSS 7.8

View Code

CVE-2017-15649 WRITEUP HIGH WRITEUP

Linux Kernel < 4.13.6 - Use-After-Free via Packet Fanout Race Condition

net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.

CVSS 7.8

View Code

CVE-2017-7277 WRITEUP HIGH WRITEUP

Linux kernel <4.10.6 - Info Disclosure/DoS

The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service (out-of-bounds read) via crafted system calls, related to net/core/skbuff.c and net/socket.c.

CVSS 7.1

View Code

CVE-2017-7277 WRITEUP HIGH WRITEUP

Linux kernel <4.10.6 - Info Disclosure/DoS

The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service (out-of-bounds read) via crafted system calls, related to net/core/skbuff.c and net/socket.c.

CVSS 7.1

View Code