CVE-2017-3196

HIGH

PCAUSA Rawether - Local Privilege Escalation via BPF Program Memory Corruption

Title source: llm
STIX 2.1

Description

PCAUSA Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network packets. Local attackers can exploit this issue to execute arbitrary code with SYSTEM privileges.

References (4)

Core 4
Core References
Exploit, Third Party Advisory x_refsource_misc
http://blog.rewolf.pl/blog/?p=1778
Exploit, Mitigation, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
https://www.kb.cert.org/vuls/id/600671
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/96993/discuss

Scores

CVSS v3 7.8
EPSS 0.0070
EPSS Percentile 48.8%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (2)
Printing Communications Assoc., Inc. (PCAUSA)/ASUS PCE-AC56 WLAN Card Utilities
rawether_project/rawether
Published Dec 16, 2017
Tracked Since Feb 18, 2026