BSA-2017-343
21361
27 October 2017
23 June 2017
Closed
Medium
5.5
N/A
CVE-2017-9242
Summary
Security Advisory ID : BSA-2017-343
Component : Kernel
Revision : 3.0: Final
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.
Affected ProductsNo Brocade product lines are affected by this vulnerability.
Products Confirmed Not VulnerableBrocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Brocade Network OS, Brocade ServerIron ADX, Brocade Services Director, Brocade SLX-OS, Brocade Virtual ADX, Brocade Virtual Traffic Manager, Brocade Virtual Web Application Firewall and Brocade Workflow Composer are confirmed not affected by this vulnerability.
WorkaroundThere are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | June 23, 2017 |
2.0 | Updated to address FOS, NOS, & WC | October 13, 2017 |
3.0 | Updated to address ADX & vADX | October 27, 2017 |