Heap-based buffer overflow in Linux kernel - CVE-2017-0786
Published: October 12, 2017 / Updated: April 30, 2018
Vulnerability identifier: #VU8811
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-0786
CWE-ID: CWE-122
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows an adjacent attacker to gain elevated privileges on the target system.
The weakness exists due to corrupting heap memory because of buffer overruns. An adjacent attacker can gain root privileges.
The weakness exists due to corrupting heap memory because of buffer overruns. An adjacent attacker can gain root privileges.
How to mitigate CVE-2017-0786
Install update from vendor's website.