Vulnerability identifier: #VU90212
Vulnerability risk: Low
CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-416
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tnl_update_pmtu(), ip_md_tunnel_xmit() and ip_tunnel_xmit() functions in net/ipv4/ip_tunnel.c. A local user can escalate privileges on the system.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel:
External links
http://git.kernel.org/stable/c/f81e94d2dcd2397137edcb8b85f4c5bed5d22383
http://git.kernel.org/stable/c/2e95350fe9db9d53c701075060ac8ac883b68aee
http://git.kernel.org/stable/c/afec0c5cd2ed71ca95a8b36a5e6d03333bf34282
http://git.kernel.org/stable/c/ab63de24ebea36fe73ac7121738595d704b66d96
http://git.kernel.org/stable/c/a0a1db40b23e8ff86dea2786c5ea1470bb23ecb9
http://git.kernel.org/stable/c/049d7989c67e8dd50f07a2096dbafdb41331fb9b
http://git.kernel.org/stable/c/5ae1e9922bbdbaeb9cfbe91085ab75927488ac0f
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.