| Revision Date: | 2022-05-20 | Version: | 1 |
| Title: | CVE-2017-7979 |
| Description: |
The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denial of service (uninitialized memory access and refcount underflow, and system hang or crash) or possibly have unspecified other impact via "tc filter add" commands in certain contexts. NOTE: this does not affect stable kernels, such as 4.10.x, from kernel.org.
|
| Family: | unix | Class: | vulnerability |
| Status: | | Reference(s): | Mitre CVE-2017-7979
SUSE CVE-2017-7979
|
| Platform(s): | SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information
kernel-default is not affected
OR kernel-source is not affected
|
| Definition Synopsis |
| Release Information
SUSE Linux Enterprise Desktop 12 SP1 is installed
AND
kernel-default is not affected
OR kernel-source is not affected
OR Package Information
SUSE Linux Enterprise Desktop 12 SP2 is installed
AND
kernel-default is affected
OR kernel-source is affected
|
| Definition Synopsis |
| Release Information
SUSE Linux Enterprise Desktop 12 SP1 is installed
OR SUSE Linux Enterprise Server 12 SP1 is installed
OR SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
kernel-default is not affected
OR kernel-source is not affected
|
| Definition Synopsis |
| Release Information
SUSE Linux Enterprise Server 12 SP1 is installed
OR SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
kernel-default is not affected
OR kernel-source is not affected
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
kernel-default is not affected
OR kernel-source is not affected
|