Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786.
References
Configurations
Configuration 1 (hide)
|
History
09 Feb 2024, 19:11
Type | Values Removed | Values Added |
---|---|---|
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:2669 - Third Party Advisory, VDB Entry | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2018:1854 - Third Party Advisory, VDB Entry | |
References | (BID) http://www.securityfocus.com/bid/96264 - Third Party Advisory, VDB Entry | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:2077 - Third Party Advisory | |
References | (CONFIRM) https://source.android.com/security/bulletin/pixel/2017-11-01 - Third Party Advisory, VDB Entry | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2017:1842 - Third Party Advisory | |
References | (DEBIAN) http://www.debian.org/security/2017/dsa-3791 - Third Party Advisory, VDB Entry |
Information
Published : 2017-02-18 21:59
Updated : 2024-02-28 15:44
NVD link : CVE-2017-6001
Mitre link : CVE-2017-6001
CVE.ORG link : CVE-2017-6001
JSON object : View
Products Affected
linux
- linux_kernel
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')