Note:
This project will be discontinued after December 13, 2021. [more]
2017-09-08
The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides.
| Products | Linux_kernel |
| Type | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CWE-362) |
| First patch |
https://github.com/torvalds/linux/commit/6265539776a0810b7ce6398c27866ddb9c6bd154 |
| Patches | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6265539776a0810b7ce6398c27866ddb9c6bd154 |
| Relevant file/s | ./drivers/base/platform.c (modified, +9, -2) |
| Links |
• https://bugzilla.suse.com/show_bug.cgi?id=1057474
• https://bugzilla.redhat.com/show_bug.cgi?id=1489078 • http://www.securityfocus.com/bid/100651 • http://www.debian.org/security/2017/dsa-3981 • https://source.android.com/security/bulletin/2017-09-01 |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: