High severity7.0NVD Advisory· Published Dec 16, 2017· Updated May 13, 2026
CVE-2017-17712
CVE-2017-17712
Description
The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdPatchVendor Advisory
- github.com/torvalds/linux/commit/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483nvdPatchThird Party Advisory
- access.redhat.com/errata/RHSA-2018:0502nvdThird Party Advisory
- source.android.com/security/bulletin/pixel/2018-04-01nvdThird Party Advisory
- usn.ubuntu.com/3581-1/nvdThird Party Advisory
- usn.ubuntu.com/3581-2/nvdThird Party Advisory
- usn.ubuntu.com/3581-3/nvdThird Party Advisory
- usn.ubuntu.com/3582-1/nvdThird Party Advisory
- usn.ubuntu.com/3582-2/nvdThird Party Advisory
- www.debian.org/security/2017/dsa-4073nvdThird Party Advisory
News mentions
0No linked articles in our index yet.