CVE-2017-7482

Summary

In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.

Affected Software

VendorProductVersion RangeStatus
[UNKNOWN]kernel:4.12affected

Weaknesses

  • CWE-190: CWE-190

ADP Enrichment

CVE Program Container

Additional References

References