The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain sensitive address information via crafted bpf system calls.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-05-22T22:00:00
Updated: 2024-08-05T16:55:22.355Z
Reserved: 2017-05-22T00:00:00
Link: CVE-2017-9150
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-05-22T22:29:00.190
Modified: 2017-09-09T01:29:03.863
Link: CVE-2017-9150
Redhat