Oval Definition:	oval:com.ubuntu.artful:def:20172671000
Revision Date: 2017-04-05 Version: 1 Title: CVE-2017-2671 on Ubuntu 17.10 (artful) - negligible. Description: The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call. Daniel Jiang discovered that a race condition existed in the ipv4 ping socket implementation in the Linux kernel. A local privileged attacker could use this to cause a denial of service (system crash). Family: unix Class: vulnerability Status: Reference(s): CVE-2017-2671 Platform(s): Ubuntu 17.10 Product(s): Definition Synopsis Ubuntu 17.10 (artful) is installed. AND Package Information NOT While related to the CVE in some way, the 'linux' package in artful is not affected (note: '4.10.0-22.24'). OR NOT While related to the CVE in some way, the 'linux-raspi2' package in artful is not affected (note: '4.10.0-1006.8'). OR NOT While related to the CVE in some way, the 'linux-snapdragon' package in artful is not affected (note: '4.4.0-1059.63').
BACK