Medium severity5.5NVD Advisory· Published Dec 27, 2017· Updated May 13, 2026

CVE-2017-17862

Description

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.spinics.net/lists/stable/msg206984.htmlnvdPatchThird Party Advisory
git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/nvdVendor Advisory
www.securityfocus.com/bid/102325nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1040057nvdThird Party AdvisoryVDB Entry
anonscm.debian.org/cgit/kernel/linux.git/tree/debian/patches/bugfix/all/bpf-fix-branch-pruning-logic.patchnvdThird Party Advisory
github.com/torvalds/linux/commit/c131187db2d3fa2f8bf32fdf4e9a4ef805168467nvdThird Party Advisory
www.debian.org/security/2017/dsa-4073nvdThird Party Advisory
usn.ubuntu.com/3619-1/nvd
usn.ubuntu.com/3619-2/nvd
usn.ubuntu.com/usn/usn-3523-2/nvd

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000