A race condition, leading to a NULL pointer dereference, was found in the Linux kernel's Link Layer Control implementation. A local attacker with access to ping sockets could use this flaw to corrupt kernel memory leading to a kernel crash or privilege escalation. References: http://seclists.org/oss-sec/2017/q1/675 CVE assignment: http://seclists.org/oss-sec/2017/q2/17 Patch: http://seclists.org/oss-sec/2017/q1/677 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=43a6684519ab0a6c52024b5e25322476cabad893 Upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43a6684519ab0a6c52024b5e25322476cabad893
*** Bug 1436658 has been marked as a duplicate of this bug. ***
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1436663]
Statement: This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 as the code with the flaw is not present in the products listed. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and MRG-2. Future Linux kernel updates for the respective releases may address this issue.
CVE assignment: http://seclists.org/oss-sec/2017/q2/17
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:2077 https://access.redhat.com/errata/RHSA-2017:2077
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2017:1842 https://access.redhat.com/errata/RHSA-2017:1842
This issue has been addressed in the following products: Red Hat Enterprise MRG 2 Via RHSA-2017:2669 https://access.redhat.com/errata/RHSA-2017:2669
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2018:1854 https://access.redhat.com/errata/RHSA-2018:1854