CVE-2017-8244 linux

Metadata

medium
6.9
linux
CVE-2017-8244
2017-06-18 07:52
2017-06-16 18:42
2017-05-14 05:03
2017-05-12 23:03

Description

In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race conditions. "buffer->curr" itself could also be overwritten, which means that it may point to anywhere of kernel memory (for write).

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

None

Unaffected

Release Package Reason
stretch linux
jessie linux
buster linux
wheezy linux
sid linux