CVE-2017-5970
Description
The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
1.752
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-3265-1) linux-image-aws_4.4.0.1016.19_amd64.deb | Linux |
| Linux kernel (USN-3265-1) linux-image-gke_4.4.0.1012.14_amd64.deb | Linux |
| Linux kernel (USN-3265-1) linux-image-generic_4.4.0.75.81_i386.deb | Linux |
| Linux kernel (USN-3265-1) linux-image-generic_4.4.0.75.81_amd64.deb | Linux |
| Linux kernel (USN-3265-1) linux-image-lowlatency_4.4.0.75.81_i386.deb | Linux |
| Linux kernel (USN-3265-1) linux-image-lowlatency_4.4.0.75.81_amd64.deb | Linux |
| Linux kernel (USN-3265-1) linux-image-4.4.0-1012-gke_4.4.0-1012.12_amd64.deb | Linux |
| Linux kernel (USN-3265-1) linux-image-4.4.0-1016-aws_4.4.0-1016.25_amd64.deb | Linux |
| Linux kernel (USN-3265-1) linux-image-4.4.0-75-generic_4.4.0-75.96_i386.deb | Linux |
| Linux kernel (USN-3265-1) linux-image-4.4.0-75-generic_4.4.0-75.96_amd64.deb | Linux |
| Linux kernel (USN-3265-1) linux-image-4.4.0-75-lowlatency_4.4.0-75.96_i386.deb | Linux |
| Linux kernel (USN-3265-1) linux-image-4.4.0-75-lowlatency_4.4.0-75.96_amd64.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3265-2) linux-image-4.4.0-75-generic_4.4.0-75.96~14.04.1_i386.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3265-2) linux-image-4.4.0-75-generic_4.4.0-75.96~14.04.1_amd64.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3265-2) linux-image-generic-lts-xenial_4.4.0.75.62_i386.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3265-2) linux-image-generic-lts-xenial_4.4.0.75.62_amd64.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3265-2) linux-image-4.4.0-75-lowlatency_4.4.0-75.96~14.04.1_i386.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3265-2) linux-image-4.4.0-75-lowlatency_4.4.0-75.96~14.04.1_amd64.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3265-2) linux-image-lowlatency-lts-xenial_4.4.0.75.62_i386.deb | Linux |
| Linux hardware enablement kernel from Xenial for Trusty (USN-3265-2) linux-image-lowlatency-lts-xenial_4.4.0.75.62_amd64.deb | Linux |
| Dtrace-modules-3.8.13-118.17.4.el6uek update (ELSA-2017-3534) dtrace-modules-3.8.13-118.17.4.el6uek-0.4.5-3.el6.x86_64.rpm | Linux |
| Dtrace-modules-3.8.13-118.17.4.el7uek update (ELSA-2017-3534) dtrace-modules-3.8.13-118.17.4.el7uek-0.4.5-3.el7.x86_64.rpm | Linux |
| NULL Pointer Dereference Vulnerability (CVE-2017-5970) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234