Denial of Service Vulnerability in Linux Kernel's ipv4_pktinfo_prepare Function

CVE-2017-5970 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.