AVG-434

Package linux
Status Fixed
Severity High
Type arbitrary code execution
Affected 4.12.10-1
Fixed 4.13-1
Current 4.18.1.arch1-1 [core]
Ticket None
Created Thu Oct 5 15:58:58 2017
Issue Severity Remote Type Description
CVE-2017-1000112 High No Arbitrary code execution
Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to...
CVE-2017-1000111 High No Arbitrary code execution
heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes...